Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-41040 (GCVE-0-2023-41040)
Vulnerability from cvelistv5 – Published: 2023-08-30 21:07 – Updated: 2025-11-03 21:49
VLAI
EPSS
Title
GitPython blind local file inclusion
Summary
GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has been addressed in version 3.1.37.
Severity
4 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://github.com/gitpython-developers/GitPython… | x_refsource_CONFIRM |
| https://github.com/gitpython-developers/GitPython… | x_refsource_MISC |
| https://github.com/gitpython-developers/GitPython… | x_refsource_MISC |
| https://github.com/gitpython-developers/GitPython… | x_refsource_MISC |
| https://github.com/gitpython-developers/GitPython… | x_refsource_MISC |
| https://github.com/gitpython-developers/GitPython… | x_refsource_MISC |
| https://github.com/pypa/advisory-database/tree/ma… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2023… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| gitpython-developers | GitPython |
Affected:
< 3.1.37
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:49:29.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c"
},
{
"name": "https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00030.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41040",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T18:04:46.833039Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T18:04:56.017Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "GitPython",
"vendor": "gitpython-developers",
"versions": [
{
"status": "affected",
"version": "\u003c 3.1.37"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\u0027t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has been addressed in version 3.1.37."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:31:08.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c"
},
{
"name": "https://github.com/gitpython-developers/GitPython/pull/1672",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gitpython-developers/GitPython/pull/1672"
},
{
"name": "https://github.com/gitpython-developers/GitPython/commit/74e55ee4544867e1bd976b7df5a45869ee397b0b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gitpython-developers/GitPython/commit/74e55ee4544867e1bd976b7df5a45869ee397b0b"
},
{
"name": "https://github.com/gitpython-developers/GitPython/commit/e98f57b81f792f0f5e18d33ee658ae395f9aa3c4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gitpython-developers/GitPython/commit/e98f57b81f792f0f5e18d33ee658ae395f9aa3c4"
},
{
"name": "https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175"
},
{
"name": "https://github.com/gitpython-developers/GitPython/releases/tag/3.1.37",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gitpython-developers/GitPython/releases/tag/3.1.37"
},
{
"name": "https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2023-165.yaml",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2023-165.yaml"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html"
}
],
"source": {
"advisory": "GHSA-cwvm-v4w8-q58c",
"discovery": "UNKNOWN"
},
"title": "GitPython blind local file inclusion"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-41040",
"datePublished": "2023-08-30T21:07:42.263Z",
"dateReserved": "2023-08-22T16:57:23.932Z",
"dateUpdated": "2025-11-03T21:49:29.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-41040",
"date": "2026-05-27",
"epss": "0.0036",
"percentile": "0.58264"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gitpython_project:gitpython:*:*:*:*:*:python:*:*\", \"versionEndIncluding\": \"3.1.34\", \"matchCriteriaId\": \"AC6BBB91-00CE-4AAE-9B5F-B66261632464\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\u0027t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has been addressed in version 3.1.37.\"}]",
"id": "CVE-2023-41040",
"lastModified": "2024-11-21T08:20:26.217",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 4.0, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.5, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 2.5}]}",
"published": "2023-08-30T22:15:09.857",
"references": "[{\"url\": \"https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/gitpython-developers/GitPython/commit/74e55ee4544867e1bd976b7df5a45869ee397b0b\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/gitpython-developers/GitPython/commit/e98f57b81f792f0f5e18d33ee658ae395f9aa3c4\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/gitpython-developers/GitPython/pull/1672\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/gitpython-developers/GitPython/releases/tag/3.1.37\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2023-165.yaml\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-41040\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2023-08-30T22:15:09.857\",\"lastModified\":\"2025-11-03T22:16:26.430\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\u0027t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has been addressed in version 3.1.37.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":4.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.5,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitpython_project:gitpython:*:*:*:*:*:python:*:*\",\"versionEndIncluding\":\"3.1.34\",\"matchCriteriaId\":\"AC6BBB91-00CE-4AAE-9B5F-B66261632464\"}]}]}],\"references\":[{\"url\":\"https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/gitpython-developers/GitPython/commit/74e55ee4544867e1bd976b7df5a45869ee397b0b\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/gitpython-developers/GitPython/commit/e98f57b81f792f0f5e18d33ee658ae395f9aa3c4\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/gitpython-developers/GitPython/pull/1672\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/gitpython-developers/GitPython/releases/tag/3.1.37\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2023-165.yaml\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/10/msg00030.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c\", \"name\": \"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175\", \"name\": \"https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/10/msg00030.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T21:49:29.315Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-41040\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-01T18:04:46.833039Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-01T18:04:52.308Z\"}}], \"cna\": {\"title\": \"GitPython blind local file inclusion\", \"source\": {\"advisory\": \"GHSA-cwvm-v4w8-q58c\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"gitpython-developers\", \"product\": \"GitPython\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 3.1.37\"}]}], \"references\": [{\"url\": \"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c\", \"name\": \"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/gitpython-developers/GitPython/pull/1672\", \"name\": \"https://github.com/gitpython-developers/GitPython/pull/1672\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/gitpython-developers/GitPython/commit/74e55ee4544867e1bd976b7df5a45869ee397b0b\", \"name\": \"https://github.com/gitpython-developers/GitPython/commit/74e55ee4544867e1bd976b7df5a45869ee397b0b\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/gitpython-developers/GitPython/commit/e98f57b81f792f0f5e18d33ee658ae395f9aa3c4\", \"name\": \"https://github.com/gitpython-developers/GitPython/commit/e98f57b81f792f0f5e18d33ee658ae395f9aa3c4\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175\", \"name\": \"https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/gitpython-developers/GitPython/releases/tag/3.1.37\", \"name\": \"https://github.com/gitpython-developers/GitPython/releases/tag/3.1.37\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2023-165.yaml\", \"name\": \"https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2023-165.yaml\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html\", \"name\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\u0027t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has been addressed in version 3.1.37.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-11-19T19:31:08.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-41040\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T21:49:29.315Z\", \"dateReserved\": \"2023-08-22T16:57:23.932Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2023-08-30T21:07:42.263Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
BDU:2023-05476
Vulnerability from fstec - Published: 30.08.2023
VLAI
Title
Уязвимость компонента symbolic.py библиотеки Python для взаимодействия с git-репозиториями GitPython, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации или вызвать отказ в обслуживании
Description
Уязвимость компонента symbolic.py библиотеки Python для взаимодействия с git-репозиториями GitPython связана с недостатками ограничения имени пути к каталогу. Эксплуатация уязвимости может позволить нарушителю , действующему удаленно, получить несанкционированный доступ к защищаемой информации или вызвать отказ в обслуживании
Severity
Vendor
ООО «Ред Софт», Сообщество свободного программного обеспечения, АО "НППКТ"
Software Name
РЕД ОС (запись в едином реестре российских программ №3751), GitPython, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913)
Software Version
7.3 (РЕД ОС), до 3.1.35 (GitPython), до 2.9 (ОСОН ОСнова Оnyx)
Possible Mitigations
Использование рекомендаций:
Для GitPython:
https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c
Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Для ОСОН ОСнова Оnyx:
Обновление программного обеспечения python-git до версии 2.1.11-1+deb10u2
Reference
https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175
https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c
https://nvd.nist.gov/vuln/detail/CVE-2023-41040
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.9/
CWE
CWE-22
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), \u0434\u043e 3.1.35 (GitPython), \u0434\u043e 2.9 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f GitPython:\nhttps://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f python-git \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.1.11-1+deb10u2",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "30.08.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "09.01.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "12.09.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-05476",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-41040",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), GitPython, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.9 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 symbolic.py \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Python \u0434\u043b\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 git-\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u043c\u0438 GitPython, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0432\u0435\u0440\u043d\u043e\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0438\u043c\u0435\u043d\u0438 \u043f\u0443\u0442\u0438 \u043a \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c (\u00ab\u041e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438\u00bb) (CWE-22)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 symbolic.py \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Python \u0434\u043b\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 git-\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u043c\u0438 GitPython \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0438\u043c\u0435\u043d\u0438 \u043f\u0443\u0442\u0438 \u043a \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e , \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175\nhttps://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-41040\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.9/",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-22",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,4)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,5)"
}
FKIE_CVE-2023-41040
Vulnerability from fkie_nvd - Published: 2023-08-30 22:15 - Updated: 2025-11-03 22:16
Severity
4.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Summary
GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has been addressed in version 3.1.37.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gitpython_project | gitpython | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gitpython_project:gitpython:*:*:*:*:*:python:*:*",
"matchCriteriaId": "AC6BBB91-00CE-4AAE-9B5F-B66261632464",
"versionEndIncluding": "3.1.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\u0027t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has been addressed in version 3.1.37."
},
{
"lang": "es",
"value": "GitPython es una biblioteca de python utilizada para interactuar con repositorios Git. Para resolver algunas referencias de git, GitPython lee archivos del directorio `.git`, en algunos lugares el nombre del archivo que se lee es proporcionado por el usuario, GitPython no verifica si este archivo est\u00e1 ubicado fuera del directorio `.git`. Esto permite a un atacante hacer que GitPython lea cualquier archivo del sistema. Esta vulnerabilidad est\u00e1 presente en https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. Ese c\u00f3digo une el directorio base con una cadena proporcionada por el usuario sin verificar si la ruta final est\u00e1 ubicada fuera del directorio base. Esta vulnerabilidad no puede ser utilizada para leer el contenido de archivos, pero en teor\u00eda podr\u00eda ser utilizada para desencadenar una denegaci\u00f3n de servicio para el programa. Este problema ha sido abordado en la versi\u00f3n 3.1.37."
}
],
"id": "CVE-2023-41040",
"lastModified": "2025-11-03T22:16:26.430",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-30T22:15:09.857",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Product"
],
"url": "https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/gitpython-developers/GitPython/commit/74e55ee4544867e1bd976b7df5a45869ee397b0b"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/gitpython-developers/GitPython/commit/e98f57b81f792f0f5e18d33ee658ae395f9aa3c4"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/gitpython-developers/GitPython/pull/1672"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/gitpython-developers/GitPython/releases/tag/3.1.37"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2023-165.yaml"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00030.html"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
GHSA-CWVM-V4W8-Q58C
Vulnerability from github – Published: 2023-08-30 20:09 – Updated: 2025-11-04 16:45
VLAI
Summary
GitPython blind local file inclusion
Details
Summary
In order to resolve some git references, GitPython reads files from the .git directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the .git directory. This allows an attacker to make GitPython read any file from the system.
Details
This vulnerability is present in
https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175
That code joins the base directory with a user given string without checking if the final path is located outside the base directory.
I was able to exploit it from three places, but there may be more code paths that lead to it:
https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/repo/base.py#L605
https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/repo/base.py#L620
https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/index/base.py#L1353
PoC
Running GitPython within any repo should work, here is an example with the GitPython repo.
import git
r = git.Repo(".")
# This will make GitPython read the README.md file from the root of the repo
r.commit("../README.md")
r.tree("../README.md")
r.index.diff("../README.md")
# Reading /etc/random
# WARNING: this will probably halt your system, run with caution
# r.commit("../../../../../../../../../dev/random")
Impact
I wasn't able to show the contents of the files (that's why "blind" local file inclusion), depending on how GitPython is being used, this can be used by an attacker for something inoffensive as checking if a file exits, or cause a DoS by making GitPython read a big/infinite file (like /dev/random on Linux systems).
Possible solutions
A solution would be to check that the final path isn't located outside the repodir path (maybe even after resolving symlinks). Maybe there could be other checks in place to make sure that the reference names are valid.
Severity
4.0 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "GitPython"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.37"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-41040"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2023-08-30T20:09:36Z",
"nvd_published_at": "2023-08-30T22:15:09Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nIn order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\u0027t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system.\n\n### Details\n\nThis vulnerability is present in\n\nhttps://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175\n\nThat code joins the base directory with a user given string without checking if the final path is located outside the base directory.\n\nI was able to exploit it from three places, but there may be more code paths that lead to it:\n\nhttps://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/repo/base.py#L605\n\nhttps://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/repo/base.py#L620\n\nhttps://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/index/base.py#L1353\n\n### PoC\n\nRunning GitPython within any repo should work, here is an example with the GitPython repo.\n\n```python\nimport git\n\nr = git.Repo(\".\")\n\n# This will make GitPython read the README.md file from the root of the repo\nr.commit(\"../README.md\")\nr.tree(\"../README.md\")\nr.index.diff(\"../README.md\")\n\n# Reading /etc/random\n# WARNING: this will probably halt your system, run with caution\n# r.commit(\"../../../../../../../../../dev/random\")\n```\n\n### Impact\n\nI wasn\u0027t able to show the contents of the files (that\u0027s why \"blind\" local file inclusion), depending on how GitPython is being used, this can be used by an attacker for something _inoffensive_ as checking if a file exits, or cause a DoS by making GitPython read a big/infinite file (like `/dev/random` on Linux systems).\n\n### Possible solutions\n\nA solution would be to check that the final path isn\u0027t located outside the `repodir` path (maybe even after resolving symlinks). Maybe there could be other checks in place to make sure that the reference names are valid.",
"id": "GHSA-cwvm-v4w8-q58c",
"modified": "2025-11-04T16:45:32Z",
"published": "2023-08-30T20:09:36Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41040"
},
{
"type": "WEB",
"url": "https://github.com/gitpython-developers/GitPython/pull/1672"
},
{
"type": "WEB",
"url": "https://github.com/gitpython-developers/GitPython/commit/74e55ee4544867e1bd976b7df5a45869ee397b0b"
},
{
"type": "WEB",
"url": "https://github.com/gitpython-developers/GitPython/commit/e98f57b81f792f0f5e18d33ee658ae395f9aa3c4"
},
{
"type": "PACKAGE",
"url": "https://github.com/gitpython-developers/GitPython"
},
{
"type": "WEB",
"url": "https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175"
},
{
"type": "WEB",
"url": "https://github.com/gitpython-developers/GitPython/releases/tag/3.1.37"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2023-165.yaml"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00030.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "GitPython blind local file inclusion"
}
GSD-2023-41040
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has not yet been addressed.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-41040",
"id": "GSD-2023-41040"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-41040"
],
"details": " GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\u0027t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has not yet been addressed.",
"id": "GSD-2023-41040",
"modified": "2023-12-13T01:20:45.503942Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2023-41040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "GitPython",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "\u003c= 3.1.34"
}
]
}
}
]
},
"vendor_name": "gitpython-developers"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": " GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\u0027t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has not yet been addressed."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-22",
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c",
"refsource": "MISC",
"url": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c"
},
{
"name": "https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175",
"refsource": "MISC",
"url": "https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html",
"refsource": "MISC",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html"
}
]
},
"source": {
"advisory": "GHSA-cwvm-v4w8-q58c",
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gitpython_project:gitpython:*:*:*:*:*:python:*:*",
"cpe_name": [],
"versionEndIncluding": "3.1.34",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2023-41040"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": " GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\u0027t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has not yet been addressed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c",
"refsource": "MISC",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c"
},
{
"name": "https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175",
"refsource": "MISC",
"tags": [
"Product"
],
"url": "https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html",
"refsource": "MISC",
"tags": [],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
},
"lastModifiedDate": "2023-09-29T20:15Z",
"publishedDate": "2023-08-30T22:15Z"
}
}
}
OPENSUSE-SU-2023:0259-1
Vulnerability from csaf_opensuse - Published: 2023-09-25 12:02 - Updated: 2023-09-25 12:02Summary
Security update for python-GitPython
Severity
Moderate
Notes
Title of the patch: Security update for python-GitPython
Description of the patch: This update for python-GitPython fixes the following issues:
- CVE-2023-41040: Fixed directory traversal attack vulnerability (boo#1214810)
Patchnames: openSUSE-2023-259
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP5:python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
low
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python-GitPython",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python-GitPython fixes the following issues:\n\n- CVE-2023-41040: Fixed directory traversal attack vulnerability (boo#1214810)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2023-259",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2023_0259-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2023:0259-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZWCDOX67N4DIYNYFBVRBOV5ED6DNNQIW/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2023:0259-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZWCDOX67N4DIYNYFBVRBOV5ED6DNNQIW/"
},
{
"category": "self",
"summary": "SUSE Bug 1214810",
"url": "https://bugzilla.suse.com/1214810"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-41040 page",
"url": "https://www.suse.com/security/cve/CVE-2023-41040/"
}
],
"title": "Security update for python-GitPython",
"tracking": {
"current_release_date": "2023-09-25T12:02:14Z",
"generator": {
"date": "2023-09-25T12:02:14Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2023:0259-1",
"initial_release_date": "2023-09-25T12:02:14Z",
"revision_history": [
{
"date": "2023-09-25T12:02:14Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch",
"product": {
"name": "python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch",
"product_id": "python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP5",
"product": {
"name": "SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch"
},
"product_reference": "python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch"
},
"product_reference": "python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-41040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-41040"
}
],
"notes": [
{
"category": "general",
"text": "GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\u0027t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has been addressed in version 3.1.37.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP5:python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch",
"openSUSE Leap 15.5:python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-41040",
"url": "https://www.suse.com/security/cve/CVE-2023-41040"
},
{
"category": "external",
"summary": "SUSE Bug 1214810 for CVE-2023-41040",
"url": "https://bugzilla.suse.com/1214810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP5:python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch",
"openSUSE Leap 15.5:python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP5:python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch",
"openSUSE Leap 15.5:python3-GitPython-3.1.12.1610074031.f653af66-bp155.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-25T12:02:14Z",
"details": "low"
}
],
"title": "CVE-2023-41040"
}
]
}
OPENSUSE-SU-2023:0271-1
Vulnerability from csaf_opensuse - Published: 2023-09-25 22:02 - Updated: 2023-09-25 22:02Summary
Security update for python-GitPython
Severity
Moderate
Notes
Title of the patch: Security update for python-GitPython
Description of the patch: This update for python-GitPython fixes the following issues:
- CVE-2023-41040: Fixed directory traversal attack vulnerability (boo#1214810)
Patchnames: openSUSE-2023-271
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP4:python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
low
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python-GitPython",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python-GitPython fixes the following issues:\n\n- CVE-2023-41040: Fixed directory traversal attack vulnerability (boo#1214810)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2023-271",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2023_0271-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2023:0271-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7CNHID7WWGH3NBQ4RDHSFLO7MHMZZ4ZQ/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2023:0271-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7CNHID7WWGH3NBQ4RDHSFLO7MHMZZ4ZQ/"
},
{
"category": "self",
"summary": "SUSE Bug 1214810",
"url": "https://bugzilla.suse.com/1214810"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-41040 page",
"url": "https://www.suse.com/security/cve/CVE-2023-41040/"
}
],
"title": "Security update for python-GitPython",
"tracking": {
"current_release_date": "2023-09-25T22:02:02Z",
"generator": {
"date": "2023-09-25T22:02:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2023:0271-1",
"initial_release_date": "2023-09-25T22:02:02Z",
"revision_history": [
{
"date": "2023-09-25T22:02:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch",
"product": {
"name": "python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch",
"product_id": "python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP4",
"product": {
"name": "SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch"
},
"product_reference": "python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch"
},
"product_reference": "python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-41040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-41040"
}
],
"notes": [
{
"category": "general",
"text": "GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\u0027t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has been addressed in version 3.1.37.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch",
"openSUSE Leap 15.4:python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-41040",
"url": "https://www.suse.com/security/cve/CVE-2023-41040"
},
{
"category": "external",
"summary": "SUSE Bug 1214810 for CVE-2023-41040",
"url": "https://bugzilla.suse.com/1214810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch",
"openSUSE Leap 15.4:python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch",
"openSUSE Leap 15.4:python3-GitPython-3.1.12.1610074031.f653af66-bp154.2.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-09-25T22:02:02Z",
"details": "low"
}
],
"title": "CVE-2023-41040"
}
]
}
OPENSUSE-SU-2024:13207-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
python310-GitPython-3.1.34.1693646983.2a2ae77-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: python310-GitPython-3.1.34.1693646983.2a2ae77-1.1 on GA media
Description of the patch: These are all security issues fixed in the python310-GitPython-3.1.34.1693646983.2a2ae77-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13207
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python310-GitPython-3.1.34.1693646983.2a2ae77-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13207",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13207-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-40590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-40590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-41040 page",
"url": "https://www.suse.com/security/cve/CVE-2023-41040/"
}
],
"title": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13207-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"product": {
"name": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"product_id": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"product": {
"name": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"product_id": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"product": {
"name": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"product_id": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"product": {
"name": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"product_id": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"product": {
"name": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"product_id": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"product": {
"name": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"product_id": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"product": {
"name": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"product_id": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"product": {
"name": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"product_id": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"product": {
"name": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"product_id": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"product": {
"name": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"product_id": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"product": {
"name": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"product_id": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"product": {
"name": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"product_id": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64"
},
"product_reference": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le"
},
"product_reference": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x"
},
"product_reference": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64"
},
"product_reference": "python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64"
},
"product_reference": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le"
},
"product_reference": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x"
},
"product_reference": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64"
},
"product_reference": "python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64"
},
"product_reference": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le"
},
"product_reference": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x"
},
"product_reference": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64"
},
"product_reference": "python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-40590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-40590"
}
],
"notes": [
{
"category": "general",
"text": " GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the `git` command, if a user runs GitPython from a repo has a `git.exe` or `git` executable, that program will be run instead of the one in the user\u0027s `PATH`. This is more of a problem on how Python interacts with Windows systems, Linux and any other OS aren\u0027t affected by this. But probably people using GitPython usually run it from the CWD of a repo. An attacker can trick a user to download a repository with a malicious `git` executable, if the user runs/imports GitPython from that directory, it allows the attacker to run any arbitrary commands. There is no fix currently available for windows users, however there are a few mitigations. 1: Default to an absolute path for the git program on Windows, like `C:\\\\Program Files\\\\Git\\\\cmd\\\\git.EXE` (default git path installation). 2: Require users to set the `GIT_PYTHON_GIT_EXECUTABLE` environment variable on Windows systems. 3: Make this problem prominent in the documentation and advise users to never run GitPython from an untrusted repo, or set the `GIT_PYTHON_GIT_EXECUTABLE` env var to an absolute path. 4: Resolve the executable manually by only looking into the `PATH` environment variable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-40590",
"url": "https://www.suse.com/security/cve/CVE-2023-40590"
},
{
"category": "external",
"summary": "SUSE Bug 1214734 for CVE-2023-40590",
"url": "https://bugzilla.suse.com/1214734"
},
{
"category": "external",
"summary": "SUSE Bug 1218750 for CVE-2023-40590",
"url": "https://bugzilla.suse.com/1218750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-40590"
},
{
"cve": "CVE-2023-41040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-41040"
}
],
"notes": [
{
"category": "general",
"text": "GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\u0027t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has been addressed in version 3.1.37.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-41040",
"url": "https://www.suse.com/security/cve/CVE-2023-41040"
},
{
"category": "external",
"summary": "SUSE Bug 1214810 for CVE-2023-41040",
"url": "https://bugzilla.suse.com/1214810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python310-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python311-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.aarch64",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.ppc64le",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.s390x",
"openSUSE Tumbleweed:python39-GitPython-3.1.34.1693646983.2a2ae77-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2023-41040"
}
]
}
PYSEC-2023-165
Vulnerability from pysec - Published: 2023-08-30 22:15 - Updated: 2023-09-07 14:33
VLAI
Details
GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the .git directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the .git directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has not yet been addressed.
Severity
6.5 (Medium)
Impacted products
| Name | purl | gitpython | pkg:pypi/gitpython |
|---|
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "gitpython",
"purl": "pkg:pypi/gitpython"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.35"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.1.7",
"0.2.0-beta1",
"0.3.0-beta1",
"0.3.0-beta2",
"0.3.1-beta2",
"0.3.2",
"0.3.2.1",
"0.3.2.RC1",
"0.3.3",
"0.3.4",
"0.3.5",
"0.3.6",
"0.3.7",
"1.0.0",
"1.0.1",
"1.0.2",
"2.0.0",
"2.0.1",
"2.0.2",
"2.0.3",
"2.0.4",
"2.0.5",
"2.0.6",
"2.0.7",
"2.0.8",
"2.0.9",
"2.0.9.dev0",
"2.0.9.dev1",
"2.1.0",
"2.1.1",
"2.1.10",
"2.1.11",
"2.1.12",
"2.1.13",
"2.1.14",
"2.1.15",
"2.1.2",
"2.1.3",
"2.1.4",
"2.1.5",
"2.1.6",
"2.1.7",
"2.1.8",
"2.1.9",
"3.0.0",
"3.0.1",
"3.0.2",
"3.0.3",
"3.0.4",
"3.0.5",
"3.0.6",
"3.0.7",
"3.0.8",
"3.0.9",
"3.1.0",
"3.1.1",
"3.1.10",
"3.1.11",
"3.1.12",
"3.1.13",
"3.1.14",
"3.1.15",
"3.1.16",
"3.1.17",
"3.1.18",
"3.1.19",
"3.1.2",
"3.1.20",
"3.1.22",
"3.1.23",
"3.1.24",
"3.1.25",
"3.1.26",
"3.1.27",
"3.1.28",
"3.1.29",
"3.1.3",
"3.1.30",
"3.1.31",
"3.1.32",
"3.1.33",
"3.1.34",
"3.1.4",
"3.1.5",
"3.1.6",
"3.1.7",
"3.1.8",
"3.1.9"
]
}
],
"aliases": [
"CVE-2023-41040",
"GHSA-cwvm-v4w8-q58c"
],
"details": " GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\u0027t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has not yet been addressed.",
"id": "PYSEC-2023-165",
"modified": "2023-09-07T14:33:25.683922+00:00",
"published": "2023-08-30T22:15:00+00:00",
"references": [
{
"type": "EVIDENCE",
"url": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c"
},
{
"type": "ADVISORY",
"url": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c"
},
{
"type": "WEB",
"url": "https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
}
]
}
RHSA-2023:7851
Vulnerability from csaf_redhat - Published: 2023-12-14 16:30 - Updated: 2026-04-30 13:13Summary
Red Hat Security Advisory: Satellite 6.14.1 Async Security Update
Severity
Moderate
Notes
Topic: Updated Satellite 6.14 packages that fixes Important security bugs and several
regular bugs are now available for Red Hat Satellite.
Details: Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security fix(es):
* rubygem-actionpack: actionpack: Possible XSS via User Supplied Values to redirect_to [rhn_satellite_6.14] (CVE-2023-28362)
* foreman: World readable file containing secrets [rhn_satellite_6.14] (CVE-2023-4886)
* python-urllib3: urllib3: Request body not stripped after redirect from 303 status changes request method to GET [rhn_satellite_6-default] (CVE-2023-45803 )
* python-gitpython: GitPython: Blind local file inclusion [rhn_satellite_6-default] (CVE-2023-41040)
This update fixes the following bugs:
2250342 - REX job finished with exit code 0 but the script failed on client side due to no space.
2250343 - Selinux denials are reported after following "Chapter 13. Managing Custom File Type Content" chapter step by step
2250344 - Long running postgres threads during content-export
2250345 - Upgrade django-import-export package to at least 3.1.0
2250349 - After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync
2250350 - Slow generate applicability for Hosts with multiple modulestreams installed
2250352 - Recalculate button for Errata is not available on Satellite 6.13/ Satellite 6.14 if no errata is present
2250351 - Actions::ForemanLeapp::PreupgradeJob fails with null value in column "preupgrade_report_id" violates not-null constraint when run with non-admin user
2251799 - REX Template for 'convert2rhel analyze' command
2254085 - Getting '/usr/sbin/foreman-rake db:migrate' returned 1 instead of one of [0] ERROR while trying to upgrade Satellite 6.13 to 6.14
2254080 - satellite-convert2rhel-toolkit rpm v1.0.0 in 6.14.z
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.
6.7 (Medium)
Affected products
Fixed
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
Known not affected
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64 | — |
Threats
Impact
Moderate
A Cross-site Scripting (XSS) vulnerability was found in Actionpack due to improper sanitization of user-supplied values. This allows provided values to contain characters that are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned location header.
4.7 (Medium)
Affected products
Fixed
2 products
Known not affected
147 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64 | — |
Threats
Impact
Moderate
A path traversal vulnerability was found in GitPython due to an input validation error when reading from the ".git" directory. This issue may allow a remote attacker to prepare a specially crafted ".git" file with directory traversal characters in file names and force the application to read these files from the local system, which can result in checking for the existence of a specific file on the system or allow a denial of service (DoS) attack.
5.1 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — |
Vendor Fix
fix
|
Known not affected
145 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64 | — |
Threats
Impact
Moderate
A flaw was found in urllib3, a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, which is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn't disable redirects explicitly.
5.9 (Medium)
Affected products
Fixed
149 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as `POST` to `GET`, as is required by HTTP RFCs. This issue requires a previously trusted service to become compromised in order to have an impact on confidentiality, therefore, the exploitability of this vulnerability is low. Additionally, many users aren't putting sensitive data in HTTP request bodies; if this is the case, this vulnerability isn't exploitable.
4.2 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
145 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64 | — |
Workaround
|
Threats
Impact
Moderate
References
44 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Satellite 6.14 packages that fixes Important security bugs and several\nregular bugs are now available for Red Hat Satellite.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity fix(es):\n\n* rubygem-actionpack: actionpack: Possible XSS via User Supplied Values to redirect_to [rhn_satellite_6.14] (CVE-2023-28362)\n\n* foreman: World readable file containing secrets [rhn_satellite_6.14] (CVE-2023-4886)\n\n* python-urllib3: urllib3: Request body not stripped after redirect from 303 status changes request method to GET [rhn_satellite_6-default] (CVE-2023-45803 )\n\n* python-gitpython: GitPython: Blind local file inclusion [rhn_satellite_6-default] (CVE-2023-41040)\n\nThis update fixes the following bugs:\n\n2250342 - REX job finished with exit code 0 but the script failed on client side due to no space.\n2250343 - Selinux denials are reported after following \"Chapter 13. Managing Custom File Type Content\" chapter step by step\n2250344 - Long running postgres threads during content-export\n2250345 - Upgrade django-import-export package to at least 3.1.0\n2250349 - After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync\n2250350 - Slow generate applicability for Hosts with multiple modulestreams installed\n2250352 - Recalculate button for Errata is not available on Satellite 6.13/ Satellite 6.14 if no errata is present\n2250351 - Actions::ForemanLeapp::PreupgradeJob fails with null value in column \"preupgrade_report_id\" violates not-null constraint when run with non-admin user\n2251799 - REX Template for \u0027convert2rhel analyze\u0027 command\n2254085 - Getting \u0027/usr/sbin/foreman-rake db:migrate\u0027 returned 1 instead of one of [0] ERROR while trying to upgrade Satellite 6.13 to 6.14 \n2254080 - satellite-convert2rhel-toolkit rpm v1.0.0 in 6.14.z\n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7851",
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_red_hat_satellite_to_6.14/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_red_hat_satellite_to_6.14/index"
},
{
"category": "external",
"summary": "2217785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217785"
},
{
"category": "external",
"summary": "2230135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
},
{
"category": "external",
"summary": "2246840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246840"
},
{
"category": "external",
"summary": "2247040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247040"
},
{
"category": "external",
"summary": "2250342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250342"
},
{
"category": "external",
"summary": "2250343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250343"
},
{
"category": "external",
"summary": "2250344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250344"
},
{
"category": "external",
"summary": "2250345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250345"
},
{
"category": "external",
"summary": "2250349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250349"
},
{
"category": "external",
"summary": "2250350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250350"
},
{
"category": "external",
"summary": "2250351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250351"
},
{
"category": "external",
"summary": "2250352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250352"
},
{
"category": "external",
"summary": "2251799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251799"
},
{
"category": "external",
"summary": "2254080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254080"
},
{
"category": "external",
"summary": "2254085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254085"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7851.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.14.1 Async Security Update",
"tracking": {
"current_release_date": "2026-04-30T13:13:48+00:00",
"generator": {
"date": "2026-04-30T13:13:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2023:7851",
"initial_release_date": "2023-12-14T16:30:08+00:00",
"revision_history": [
{
"date": "2023-12-14T16:30:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-12-14T16:30:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T13:13:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.14::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.14::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.14::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "createrepo_c-0:1.0.2-2.el8pc.src",
"product": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src",
"product_id": "createrepo_c-0:1.0.2-2.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.7.0.10-1.el8sat.src",
"product": {
"name": "foreman-0:3.7.0.10-1.el8sat.src",
"product_id": "foreman-0:3.7.0.10-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.7.0.10-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"product": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"product_id": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.7.0.5-1.el8sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-django-import-export-0:3.1.0-1.el8pc.src",
"product": {
"name": "python-django-import-export-0:3.1.0-1.el8pc.src",
"product_id": "python-django-import-export-0:3.1.0-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-django-import-export@3.1.0-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"product": {
"name": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"product_id": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-gitpython@3.1.40-0.1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulpcore-0:3.22.19-1.el8pc.src",
"product": {
"name": "python-pulpcore-0:3.22.19-1.el8pc.src",
"product_id": "python-pulpcore-0:3.22.19-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulpcore@3.22.19-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"product": {
"name": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"product_id": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-rpm@3.19.11-2.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"product": {
"name": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"product_id": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-urllib3@1.26.18-0.1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actioncable@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailbox@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailer@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actiontext@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionview@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activejob@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activemodel@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activestorage@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-rails-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rails@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-railties-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-railties@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"product": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"product_id": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-smart_proxy_remote_execution_ssh@0.10.2-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.14.1-1.el8sat.src",
"product": {
"name": "satellite-0:6.14.1-1.el8sat.src",
"product_id": "satellite-0:6.14.1-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.14.1-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"product": {
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"product_id": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_remote_execution@10.1.2-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.src",
"product": {
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.src",
"product_id": "rubygem-katello-0:4.9.0.18-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.18-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"product": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"product_id": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulpcore-selinux@2.0.0-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"product": {
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"product_id": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_leapp@1.1.0-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"product": {
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"product_id": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.0-1.el8sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-libs@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-debugsource@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-libs-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"product": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"product_id": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulpcore-selinux@2.0.0-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64",
"product": {
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64",
"product_id": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.0-1.el8sat?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"product": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"product_id": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.7.0.5-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"product_id": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.7.0.5-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"product": {
"name": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"product_id": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-django-import-export@3.1.0-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"product": {
"name": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"product_id": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-gitpython@3.1.40-0.1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"product": {
"name": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"product_id": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulpcore@3.22.19-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"product": {
"name": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"product_id": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-rpm@3.19.11-2.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"product": {
"name": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"product_id": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-urllib3@1.26.18-0.1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actioncable@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailbox@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailer@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actiontext@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionview@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activejob@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activemodel@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activestorage@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rails@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-railties@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"product": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"product_id": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-smart_proxy_remote_execution_ssh@0.10.2-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.14.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.14.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.14.1-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.14.1-1.el8sat.noarch",
"product_id": "satellite-common-0:6.14.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.14.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.14.1-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.14.1-1.el8sat.noarch",
"product_id": "satellite-0:6.14.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.14.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"product_id": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_remote_execution@10.1.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"product_id": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_remote_execution-cockpit@10.1.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"product": {
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"product_id": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"product_id": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_leapp@1.1.0-1.el8sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src"
},
"product_reference": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64"
},
"product_reference": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-import-export-0:3.1.0-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src"
},
"product_reference": "python-django-import-export-0:3.1.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gitpython-0:3.1.40-0.1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src"
},
"product_reference": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.19.11-2.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.22.19-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src"
},
"product_reference": "python-pulpcore-0:3.22.19-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-urllib3-0:1.26.18-0.1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src"
},
"product_reference": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-django-import-export-0:3.1.0-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch"
},
"product_reference": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch"
},
"product_reference": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.22.19-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch"
},
"product_reference": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch"
},
"product_reference": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch"
},
"product_reference": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src"
},
"product_reference": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src"
},
"product_reference": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64"
},
"product_reference": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-import-export-0:3.1.0-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src"
},
"product_reference": "python-django-import-export-0:3.1.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gitpython-0:3.1.40-0.1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src"
},
"product_reference": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.19.11-2.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.22.19-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src"
},
"product_reference": "python-pulpcore-0:3.22.19-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-urllib3-0:1.26.18-0.1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src"
},
"product_reference": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-django-import-export-0:3.1.0-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch"
},
"product_reference": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch"
},
"product_reference": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.22.19-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch"
},
"product_reference": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch"
},
"product_reference": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src"
},
"product_reference": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src"
},
"product_reference": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch"
},
"product_reference": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src"
},
"product_reference": "rubygem-katello-0:4.9.0.18-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-rails-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-railties-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch"
},
"product_reference": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src"
},
"product_reference": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src"
},
"product_reference": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
},
"product_reference": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4886",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-08-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2230135"
}
],
"notes": [
{
"category": "description",
"text": "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat\u0027s server.xml file, which contain passwords to candlepin\u0027s keystore and truststore, were found to be world readable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "foreman: World readable file containing secrets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has a limited impact on security, as candlepin\u0027s individual stores\u0027 privileges are limited to root and tomcat only. Therefore, the impact is limited to highly privileged users.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4886"
},
{
"category": "external",
"summary": "RHBZ#2230135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4886",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4886"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886"
}
],
"release_date": "2023-10-03T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "foreman: World readable file containing secrets"
},
{
"cve": "CVE-2023-28362",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-06-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2217785"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site Scripting (XSS) vulnerability was found in Actionpack due to improper sanitization of user-supplied values. This allows provided values to contain characters that are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned location header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "actionpack: Possible XSS via User Supplied Values to redirect_to",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28362"
},
{
"category": "external",
"summary": "RHBZ#2217785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217785"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28362",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28362"
},
{
"category": "external",
"summary": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-28362.yml",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-28362.yml"
}
],
"release_date": "2023-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "actionpack: Possible XSS via User Supplied Values to redirect_to"
},
{
"cve": "CVE-2023-41040",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-10-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2247040"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in GitPython due to an input validation error when reading from the \".git\" directory. This issue may allow a remote attacker to prepare a specially crafted \".git\" file with directory traversal characters in file names and force the application to read these files from the local system, which can result in checking for the existence of a specific file on the system or allow a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GitPython: Blind local file inclusion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability cannot be used to read the contents of files but could be used to trigger a denial of service for the program.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-41040"
},
{
"category": "external",
"summary": "RHBZ#2247040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247040"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-41040",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-41040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41040"
},
{
"category": "external",
"summary": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c",
"url": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c"
}
],
"release_date": "2023-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "GitPython: Blind local file inclusion"
},
{
"cve": "CVE-2023-43804",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242493"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, a user-friendly HTTP client library for Python. urllib3 doesn\u0027t treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, which is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn\u0027t disable redirects explicitly.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-urllib3: Cookie request header isn\u0027t stripped during cross-origin redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-43804"
},
{
"category": "external",
"summary": "RHBZ#2242493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242493"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-43804",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43804"
}
],
"release_date": "2023-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-urllib3: Cookie request header isn\u0027t stripped during cross-origin redirects"
},
{
"cve": "CVE-2023-45803",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-10-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2246840"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn\u0027t remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as `POST` to `GET`, as is required by HTTP RFCs. This issue requires a previously trusted service to become compromised in order to have an impact on confidentiality, therefore, the exploitability of this vulnerability is low. Additionally, many users aren\u0027t putting sensitive data in HTTP request bodies; if this is the case, this vulnerability isn\u0027t exploitable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: Request body not stripped after redirect from 303 status changes request method to GET",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Both of the following conditions must be true to be affected by this vulnerability: \n1. Using urllib3 and submitting sensitive information in the HTTP request body such as form data or JSON\n2. The origin service is compromised and starts redirecting using 301, 302, or 303 to a malicious peer or the redirected-to service becomes compromised",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45803"
},
{
"category": "external",
"summary": "RHBZ#2246840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246840"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45803",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45803"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9",
"url": "https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#name-get",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#name-get"
}
],
"release_date": "2023-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
},
{
"category": "workaround",
"details": "Users unable to update should disable redirects for services that aren\u0027t expecting to respond with redirects with `redirects=False`, disable automatic redirects with `redirects=False`, and handle 301, 302, and 303 redirects manually by stripping the HTTP request body.",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: Request body not stripped after redirect from 303 status changes request method to GET"
}
]
}
RHSA-2023_7851
Vulnerability from csaf_redhat - Published: 2023-12-14 16:30 - Updated: 2024-11-23 03:39Summary
Red Hat Security Advisory: Satellite 6.14.1 Async Security Update
Severity
Moderate
Notes
Topic: Updated Satellite 6.14 packages that fixes Important security bugs and several
regular bugs are now available for Red Hat Satellite.
Details: Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security fix(es):
* rubygem-actionpack: actionpack: Possible XSS via User Supplied Values to redirect_to [rhn_satellite_6.14] (CVE-2023-28362)
* foreman: World readable file containing secrets [rhn_satellite_6.14] (CVE-2023-4886)
* python-urllib3: urllib3: Request body not stripped after redirect from 303 status changes request method to GET [rhn_satellite_6-default] (CVE-2023-45803 )
* python-gitpython: GitPython: Blind local file inclusion [rhn_satellite_6-default] (CVE-2023-41040)
This update fixes the following bugs:
2250342 - REX job finished with exit code 0 but the script failed on client side due to no space.
2250343 - Selinux denials are reported after following "Chapter 13. Managing Custom File Type Content" chapter step by step
2250344 - Long running postgres threads during content-export
2250345 - Upgrade django-import-export package to at least 3.1.0
2250349 - After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync
2250350 - Slow generate applicability for Hosts with multiple modulestreams installed
2250352 - Recalculate button for Errata is not available on Satellite 6.13/ Satellite 6.14 if no errata is present
2250351 - Actions::ForemanLeapp::PreupgradeJob fails with null value in column "preupgrade_report_id" violates not-null constraint when run with non-admin user
2251799 - REX Template for 'convert2rhel analyze' command
2254085 - Getting '/usr/sbin/foreman-rake db:migrate' returned 1 instead of one of [0] ERROR while trying to upgrade Satellite 6.13 to 6.14
2254080 - satellite-convert2rhel-toolkit rpm v1.0.0 in 6.14.z
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.
6.7 (Medium)
Affected products
Fixed
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
|
Known not affected
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64 | — |
Threats
Impact
Moderate
A Cross-site Scripting (XSS) vulnerability was found in Actionpack due to improper sanitization of user-supplied values. This allows provided values to contain characters that are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned location header.
4.7 (Medium)
Affected products
Fixed
2 products
Known not affected
147 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64 | — |
Threats
Impact
Moderate
A path traversal vulnerability was found in GitPython due to an input validation error when reading from the ".git" directory. This issue may allow a remote attacker to prepare a specially crafted ".git" file with directory traversal characters in file names and force the application to read these files from the local system, which can result in checking for the existence of a specific file on the system or allow a denial of service (DoS) attack.
5.1 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — |
Vendor Fix
fix
|
Known not affected
145 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64 | — |
Threats
Impact
Moderate
A flaw was found in urllib3, a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, which is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn't disable redirects explicitly.
5.9 (Medium)
Affected products
Fixed
149 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as `POST` to `GET`, as is required by HTTP RFCs. This issue requires a previously trusted service to become compromised in order to have an impact on confidentiality, therefore, the exploitability of this vulnerability is low. Additionally, many users aren't putting sensitive data in HTTP request bodies; if this is the case, this vulnerability isn't exploitable.
4.2 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
145 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64 | — |
Workaround
|
Threats
Impact
Moderate
References
44 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Satellite 6.14 packages that fixes Important security bugs and several\nregular bugs are now available for Red Hat Satellite.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity fix(es):\n\n* rubygem-actionpack: actionpack: Possible XSS via User Supplied Values to redirect_to [rhn_satellite_6.14] (CVE-2023-28362)\n\n* foreman: World readable file containing secrets [rhn_satellite_6.14] (CVE-2023-4886)\n\n* python-urllib3: urllib3: Request body not stripped after redirect from 303 status changes request method to GET [rhn_satellite_6-default] (CVE-2023-45803 )\n\n* python-gitpython: GitPython: Blind local file inclusion [rhn_satellite_6-default] (CVE-2023-41040)\n\nThis update fixes the following bugs:\n\n2250342 - REX job finished with exit code 0 but the script failed on client side due to no space.\n2250343 - Selinux denials are reported after following \"Chapter 13. Managing Custom File Type Content\" chapter step by step\n2250344 - Long running postgres threads during content-export\n2250345 - Upgrade django-import-export package to at least 3.1.0\n2250349 - After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync\n2250350 - Slow generate applicability for Hosts with multiple modulestreams installed\n2250352 - Recalculate button for Errata is not available on Satellite 6.13/ Satellite 6.14 if no errata is present\n2250351 - Actions::ForemanLeapp::PreupgradeJob fails with null value in column \"preupgrade_report_id\" violates not-null constraint when run with non-admin user\n2251799 - REX Template for \u0027convert2rhel analyze\u0027 command\n2254085 - Getting \u0027/usr/sbin/foreman-rake db:migrate\u0027 returned 1 instead of one of [0] ERROR while trying to upgrade Satellite 6.13 to 6.14 \n2254080 - satellite-convert2rhel-toolkit rpm v1.0.0 in 6.14.z\n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7851",
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_red_hat_satellite_to_6.14/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_red_hat_satellite_to_6.14/index"
},
{
"category": "external",
"summary": "2217785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217785"
},
{
"category": "external",
"summary": "2230135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
},
{
"category": "external",
"summary": "2246840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246840"
},
{
"category": "external",
"summary": "2247040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247040"
},
{
"category": "external",
"summary": "2250342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250342"
},
{
"category": "external",
"summary": "2250343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250343"
},
{
"category": "external",
"summary": "2250344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250344"
},
{
"category": "external",
"summary": "2250345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250345"
},
{
"category": "external",
"summary": "2250349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250349"
},
{
"category": "external",
"summary": "2250350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250350"
},
{
"category": "external",
"summary": "2250351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250351"
},
{
"category": "external",
"summary": "2250352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250352"
},
{
"category": "external",
"summary": "2251799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251799"
},
{
"category": "external",
"summary": "2254080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254080"
},
{
"category": "external",
"summary": "2254085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254085"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7851.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.14.1 Async Security Update",
"tracking": {
"current_release_date": "2024-11-23T03:39:40+00:00",
"generator": {
"date": "2024-11-23T03:39:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2023:7851",
"initial_release_date": "2023-12-14T16:30:08+00:00",
"revision_history": [
{
"date": "2023-12-14T16:30:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-12-14T16:30:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-23T03:39:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.14::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.14::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.14::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "createrepo_c-0:1.0.2-2.el8pc.src",
"product": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src",
"product_id": "createrepo_c-0:1.0.2-2.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.7.0.10-1.el8sat.src",
"product": {
"name": "foreman-0:3.7.0.10-1.el8sat.src",
"product_id": "foreman-0:3.7.0.10-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.7.0.10-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"product": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"product_id": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.7.0.5-1.el8sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-django-import-export-0:3.1.0-1.el8pc.src",
"product": {
"name": "python-django-import-export-0:3.1.0-1.el8pc.src",
"product_id": "python-django-import-export-0:3.1.0-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-django-import-export@3.1.0-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"product": {
"name": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"product_id": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-gitpython@3.1.40-0.1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulpcore-0:3.22.19-1.el8pc.src",
"product": {
"name": "python-pulpcore-0:3.22.19-1.el8pc.src",
"product_id": "python-pulpcore-0:3.22.19-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulpcore@3.22.19-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"product": {
"name": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"product_id": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-rpm@3.19.11-2.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"product": {
"name": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"product_id": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-urllib3@1.26.18-0.1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actioncable@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailbox@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailer@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actiontext@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionview@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activejob@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activemodel@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activestorage@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-rails-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rails@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-railties-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-railties@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"product": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"product_id": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-smart_proxy_remote_execution_ssh@0.10.2-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.14.1-1.el8sat.src",
"product": {
"name": "satellite-0:6.14.1-1.el8sat.src",
"product_id": "satellite-0:6.14.1-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.14.1-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"product": {
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"product_id": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_remote_execution@10.1.2-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.src",
"product": {
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.src",
"product_id": "rubygem-katello-0:4.9.0.18-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.18-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"product": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"product_id": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulpcore-selinux@2.0.0-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"product": {
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"product_id": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_leapp@1.1.0-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"product": {
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"product_id": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.0-1.el8sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-libs@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-debugsource@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-libs-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"product": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"product_id": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulpcore-selinux@2.0.0-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64",
"product": {
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64",
"product_id": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.0-1.el8sat?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"product": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"product_id": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.7.0.5-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"product_id": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.7.0.5-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"product": {
"name": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"product_id": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-django-import-export@3.1.0-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"product": {
"name": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"product_id": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-gitpython@3.1.40-0.1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"product": {
"name": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"product_id": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulpcore@3.22.19-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"product": {
"name": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"product_id": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-rpm@3.19.11-2.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"product": {
"name": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"product_id": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-urllib3@1.26.18-0.1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actioncable@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailbox@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailer@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actiontext@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionview@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activejob@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activemodel@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activestorage@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rails@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-railties@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"product": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"product_id": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-smart_proxy_remote_execution_ssh@0.10.2-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.14.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.14.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.14.1-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.14.1-1.el8sat.noarch",
"product_id": "satellite-common-0:6.14.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.14.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.14.1-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.14.1-1.el8sat.noarch",
"product_id": "satellite-0:6.14.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.14.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"product_id": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_remote_execution@10.1.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"product_id": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_remote_execution-cockpit@10.1.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"product": {
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"product_id": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"product_id": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_leapp@1.1.0-1.el8sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src"
},
"product_reference": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64"
},
"product_reference": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-import-export-0:3.1.0-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src"
},
"product_reference": "python-django-import-export-0:3.1.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gitpython-0:3.1.40-0.1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src"
},
"product_reference": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.19.11-2.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.22.19-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src"
},
"product_reference": "python-pulpcore-0:3.22.19-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-urllib3-0:1.26.18-0.1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src"
},
"product_reference": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-django-import-export-0:3.1.0-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch"
},
"product_reference": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch"
},
"product_reference": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.22.19-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch"
},
"product_reference": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch"
},
"product_reference": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch"
},
"product_reference": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src"
},
"product_reference": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src"
},
"product_reference": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64"
},
"product_reference": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-import-export-0:3.1.0-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src"
},
"product_reference": "python-django-import-export-0:3.1.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gitpython-0:3.1.40-0.1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src"
},
"product_reference": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.19.11-2.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.22.19-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src"
},
"product_reference": "python-pulpcore-0:3.22.19-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-urllib3-0:1.26.18-0.1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src"
},
"product_reference": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-django-import-export-0:3.1.0-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch"
},
"product_reference": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch"
},
"product_reference": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.22.19-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch"
},
"product_reference": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch"
},
"product_reference": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src"
},
"product_reference": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src"
},
"product_reference": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch"
},
"product_reference": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src"
},
"product_reference": "rubygem-katello-0:4.9.0.18-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-rails-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-railties-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch"
},
"product_reference": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src"
},
"product_reference": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src"
},
"product_reference": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
},
"product_reference": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4886",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-08-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2230135"
}
],
"notes": [
{
"category": "description",
"text": "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat\u0027s server.xml file, which contain passwords to candlepin\u0027s keystore and truststore, were found to be world readable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "foreman: World readable file containing secrets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has a limited impact on security, as candlepin\u0027s individual stores\u0027 privileges are limited to root and tomcat only. Therefore, the impact is limited to highly privileged users.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4886"
},
{
"category": "external",
"summary": "RHBZ#2230135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4886",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4886"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886"
}
],
"release_date": "2023-10-03T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "foreman: World readable file containing secrets"
},
{
"cve": "CVE-2023-28362",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-06-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2217785"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site Scripting (XSS) vulnerability was found in Actionpack due to improper sanitization of user-supplied values. This allows provided values to contain characters that are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned location header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "actionpack: Possible XSS via User Supplied Values to redirect_to",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28362"
},
{
"category": "external",
"summary": "RHBZ#2217785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217785"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28362",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28362"
},
{
"category": "external",
"summary": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-28362.yml",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-28362.yml"
}
],
"release_date": "2023-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "actionpack: Possible XSS via User Supplied Values to redirect_to"
},
{
"cve": "CVE-2023-41040",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-10-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2247040"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in GitPython due to an input validation error when reading from the \".git\" directory. This issue may allow a remote attacker to prepare a specially crafted \".git\" file with directory traversal characters in file names and force the application to read these files from the local system, which can result in checking for the existence of a specific file on the system or allow a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GitPython: Blind local file inclusion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability cannot be used to read the contents of files but could be used to trigger a denial of service for the program.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-41040"
},
{
"category": "external",
"summary": "RHBZ#2247040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247040"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-41040",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-41040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41040"
},
{
"category": "external",
"summary": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c",
"url": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c"
}
],
"release_date": "2023-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "GitPython: Blind local file inclusion"
},
{
"cve": "CVE-2023-43804",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242493"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, a user-friendly HTTP client library for Python. urllib3 doesn\u0027t treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, which is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn\u0027t disable redirects explicitly.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-urllib3: Cookie request header isn\u0027t stripped during cross-origin redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-43804"
},
{
"category": "external",
"summary": "RHBZ#2242493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242493"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-43804",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43804"
}
],
"release_date": "2023-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-urllib3: Cookie request header isn\u0027t stripped during cross-origin redirects"
},
{
"cve": "CVE-2023-45803",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-10-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2246840"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn\u0027t remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as `POST` to `GET`, as is required by HTTP RFCs. This issue requires a previously trusted service to become compromised in order to have an impact on confidentiality, therefore, the exploitability of this vulnerability is low. Additionally, many users aren\u0027t putting sensitive data in HTTP request bodies; if this is the case, this vulnerability isn\u0027t exploitable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: Request body not stripped after redirect from 303 status changes request method to GET",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Both of the following conditions must be true to be affected by this vulnerability: \n1. Using urllib3 and submitting sensitive information in the HTTP request body such as form data or JSON\n2. The origin service is compromised and starts redirecting using 301, 302, or 303 to a malicious peer or the redirected-to service becomes compromised",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45803"
},
{
"category": "external",
"summary": "RHBZ#2246840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246840"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45803",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45803"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9",
"url": "https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#name-get",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#name-get"
}
],
"release_date": "2023-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
},
{
"category": "workaround",
"details": "Users unable to update should disable redirects for services that aren\u0027t expecting to respond with redirects with `redirects=False`, disable automatic redirects with `redirects=False`, and handle 301, 302, and 303 redirects manually by stripping the HTTP request body.",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: Request body not stripped after redirect from 303 status changes request method to GET"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…