Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-44487 (GCVE-0-2023-44487)
Vulnerability from cvelistv5 – Published: 2023-10-10 00:00 – Updated: 2026-05-12 10:52- n/a
- CWE-400 - Uncontrolled Resource Consumption
| Vendor | Product | Version | |
|---|---|---|---|
| ietf | http |
Affected:
2.0
cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:* |
|
| Siemens | RUGGEDCOM APE1808 |
Affected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SINEC NMS |
Affected:
0 , < V3.0
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
CISA
Known Exploited Vulnerability - GCVE BCP-07 Compliant
Exploited: Yes
Timestamps
Scope
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-400 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | HTTP/2 |
| Due Date | 2023-10-31 |
| Date Added | 2023-10-10 |
| Vendorproject | IETF |
| Vulnerabilityname | HTTP/2 Rapid Reset Attack Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
KEVIntel
Known Exploited Vulnerability - GCVE BCP-07 Compliant
Exploited: Yes
Timestamps
Scope
Evidence
Type: Public Report
Signal: Successful Exploitation
Confidence: 70%
Source: kevintel
Details
| Feed | KEVIntel (kevintel.com) |
|---|---|
| Title | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as... |
| Vendor | |
| Product | Cloud Platform |
| Added Date | 2023-10-10T00:00:00.000Z |
| Cvss Score | 7.5 |
| Epss Score | 0.99999 |
| Cvss Severity | HIGH |
| Epss Percentile | 0.99996 |
| Used In Malware | unknown |
| Ahead Of Cisa Kev | None |
| Not Yet In Cisa Kev | False |
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "http",
"vendor": "ietf",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-44487",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T20:34:21.334116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:35.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00.000Z",
"value": "CVE-2023-44487 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:08:27.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"tags": [
"x_transferred"
],
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"tags": [
"x_transferred"
],
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"tags": [
"x_transferred"
],
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/golang/go/issues/63417"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"tags": [
"x_transferred"
],
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"tags": [
"x_transferred"
],
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"tags": [
"x_transferred"
],
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/line/armeria/pull/5232"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/13/6"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM APE1808",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T10:52:23.784Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-832273.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-341067.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-915275.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-07T20:05:34.376Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"name": "[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/7"
},
{
"name": "[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"url": "https://github.com/golang/go/issues/63417"
},
{
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"url": "https://github.com/line/armeria/pull/5232"
},
{
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://github.com/grpc/grpc/releases/tag/v1.59.2"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-44487",
"datePublished": "2023-10-10T00:00:00.000Z",
"dateReserved": "2023-09-29T00:00:00.000Z",
"dateUpdated": "2026-05-12T10:52:23.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2023-44487",
"cwes": "[\"CWE-400\"]",
"dateAdded": "2023-10-10",
"dueDate": "2023-10-31",
"knownRansomwareCampaignUse": "Unknown",
"notes": "This vulnerability affects a common open-source component, third-party library, or protocol used by different products. For more information, please see: HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 | CISA: https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487; https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/; https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"product": "HTTP/2",
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).",
"vendorProject": "IETF",
"vulnerabilityName": "HTTP/2 Rapid Reset Attack Vulnerability"
},
"epss": {
"cve": "CVE-2023-44487",
"date": "2026-07-04",
"epss": "0.99999",
"percentile": "0.99997"
},
"fkie_nvd": {
"cisaActionDue": "2023-10-31",
"cisaExploitAdd": "2023-10-10",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "HTTP/2 Rapid Reset Attack Vulnerability",
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5200E35-222B-42E0-83E0-5B702684D992\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.57.0\", \"matchCriteriaId\": \"C3BDC297-F023-4E87-8518-B84CCF9DD6A8\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.1.100\", \"matchCriteriaId\": \"D12D5257-7ED2-400F-9EF7-40E0D3650C2B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B058776-B5B7-4079-B0AF-23F40926DCEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D565975-EFD9-467C-B6E3-1866A4EF17A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D487271-1B5E-4F16-B0CB-A7B8908935C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA6ED627-EFB3-4BDD-8ECC-C5947A1470B2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"9.4.53\", \"matchCriteriaId\": \"A4A6F189-6C43-462D-85C9-B0EBDA8A4683\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.0\", \"versionEndExcluding\": \"10.0.17\", \"matchCriteriaId\": \"C993C920-85C0-4181-A95E-5D965A670738\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0.0\", \"versionEndExcluding\": \"11.0.17\", \"matchCriteriaId\": \"08E79A8E-E12C-498F-AF4F-1AAA7135661E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.0.0\", \"versionEndExcluding\": \"12.0.2\", \"matchCriteriaId\": \"F138D800-9A3B-4C76-8A3C-4793083A1517\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.7.5\", \"matchCriteriaId\": \"6341DDDA-AD27-4087-9D59-0A212F0037B4\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.20.10\", \"matchCriteriaId\": \"328120E4-C031-44B4-9BE5-03B0CDAA066F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.21.0\", \"versionEndExcluding\": \"1.21.3\", \"matchCriteriaId\": \"5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*\", \"versionEndExcluding\": \"0.17.0\", \"matchCriteriaId\": \"D7D2F801-6F65-4705-BCB9-D057EA54A707\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*\", \"versionEndExcluding\": \"0.17.0\", \"matchCriteriaId\": \"801F25DA-F38C-4452-8E90-235A3B1A5FF0\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"D93F04AD-DF14-48AB-9F13-8B2E491CF42E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"7522C760-7E07-406F-BF50-5656D5723C4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"3A7F605E-EB10-40FB-98D6-7E3A95E310BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"783E62F2-F867-48F1-B123-D1227C970674\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"6603ED6A-3366-4572-AFCD-B3D4B1EC7606\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"88978E38-81D3-4EFE-8525-A300B101FA69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"0510296F-92D7-4388-AE3A-0D9799C2FC4D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"D7698D6C-B1F7-43C1-BBA6-88E956356B3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"05E452AA-A520-4CBE-8767-147772B69194\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"596FC5D5-7329-4E39-841E-CAE937C02219\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"B3C7A168-F370-441E-8790-73014BCEC39F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"CF16FD01-7704-40AB-ACB2-80A883804D22\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1769D69A-CB59-46B1-89B3-FB97DC6DEB9B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"9167FEC1-2C37-4946-9657-B4E69301FB24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"7B4B3442-E0C0-48CD-87AD-060E15C9801E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"8FA85EC1-D91A-49DD-949B-2AF7AC813CA5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"20662BB0-4C3D-4CF0-B068-3555C65DD06C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"59203EBF-C52A-45A1-B8DF-00E17E3EFB51\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"7EC2324D-EC8B-41DF-88A7-819E53AAD0FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"9B88F9D1-B54B-40C7-A18A-26C4A071D7EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"C8F39403-C259-4D6F-9E9A-53671017EEDB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"220F2D38-FA82-45EF-B957-7678C9FEDBC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C698C1C-A3DD-46E2-B05A-12F2604E7F85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"922AA845-530A-4B4B-9976-4CBC30C8A324\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"F938EB43-8373-47EB-B269-C6DF058A9244\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"1771493E-ACAA-477F-8AB4-25DB12F6AD6E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"5E86F3D5-65A4-48CE-A6A2-736BBB88E3F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87670A74-34FE-45DF-A725-25B804C845B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"C7E422F6-C4C2-43AC-B137-0997B5739030\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"CC3F710F-DBCB-4976-9719-CF063DA22377\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"4B9B76A1-7C5A-453F-A4ED-F1A81BCEBEB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"88EDFCD9-775C-48FA-9CDA-2B04DA8D0612\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67DB21AE-DF53-442D-B492-C4ED9A20B105\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"4C9FCBCB-9CE0-49E7-85C8-69E71D211912\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"112DFA85-90AD-478D-BD70-8C7C0C074F1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"DB704A1C-D8B7-48BB-A15A-C14DB591FE4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"21D51D9F-2840-4DEA-A007-D20111A1745C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BC1D037-74D2-4F92-89AD-C90F6CBF440B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"CAEF3EA4-7D5A-4B44-9CE3-258AEC745866\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"2FBCE2D1-9D93-415D-AB2C-2060307C305A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"8070B469-8CC4-4D2F-97D7-12D0ABB963C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"A326597E-725D-45DE-BEF7-2ED92137B253\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B235A78-649B-46C5-B24B-AB485A884654\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"08B25AAB-A98C-4F89-9131-29E3A8C0ED23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"ED9B976A-D3AD-4445-BF8A-067C3EBDFBB0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"98D2CE1E-DED0-470A-AA78-C78EF769C38E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"C966FABA-7199-4F0D-AB8C-4590FE9D2FFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84D00768-E71B-4FF7-A7BF-F2C8CFBC900D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"E3D2ABA3-D4A9-4267-B0DF-7C3BBEEAEB66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"BC36311E-BB00-4750-85C8-51F5A2604F07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"A65D357E-4B40-42EC-9AAA-2B6CEF78C401\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"D7EF9865-FE65-4DFB-BF21-62FBCE65FF1C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABBD10E8-6054-408F-9687-B9BF6375CA09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"E6018B01-048C-43BB-A78D-66910ED60CA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"3A6A5686-5A8B-45D5-9165-BC99D2CCAC47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"5D2A121F-5BD2-4263-8ED3-1DDE25B5C306\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"0A4F7BAD-3EDD-4DE0-AAB7-DE5ACA34DD79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83794B04-87E2-4CA9-81F5-BB820D0F5395\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"D9EC2237-117F-43BD-ADEC-516CF72E04EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"F70D4B6F-65CF-48F4-9A07-072DFBCE53D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"29563719-1AF2-4BB8-8CCA-A0869F87795D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"D24815DD-579A-46D1-B9F2-3BB2C56BC54D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A6E7035-3299-474F-8F67-945EA9A059D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"0360F76D-E75E-4B05-A294-B47012323ED9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"7A4607BF-41AC-4E84-A110-74E085FF0445\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"441CC945-7CA3-49C0-AE10-94725301E31D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"46BA8E8A-6ED5-4FB2-8BBC-586AA031085A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"969C4F14-F6D6-46D6-B348-FC1463877680\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.5.0\", \"versionEndIncluding\": \"1.8.2\", \"matchCriteriaId\": \"41AD5040-1250-45F5-AB63-63F333D49BCC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"8257AA59-C14D-4EC1-B22C-DFBB92CBC297\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"37DB32BB-F4BA-4FB5-94B1-55C3F06749CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"FFF5007E-761C-4697-8D34-C064DF0ABE8D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"910441D3-90EF-4375-B007-D51120A60AB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"667EB77B-DA13-4BA4-9371-EE3F3A109F38\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"8A6F9699-A485-4614-8F38-5A556D31617E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"5A90F547-97A2-41EC-9FDF-25F869F0FA38\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"E76E1B82-F1DC-4366-B388-DBDF16C586A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"660137F4-15A1-42D1-BBAC-99A1D5BB398B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C446827A-1F71-4FAD-9422-580642D26AD1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"1932D32D-0E4B-4BBD-816F-6D47AB2E2F04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"D47B7691-A95B-45C0-BAB4-27E047F3C379\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"2CD1637D-0E42-4928-867A-BA0FDB6E8462\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"3A599F90-F66B-4DF0-AD7D-D234F328BD59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D1B2000-C3FE-4B4C-885A-A5076EB164E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndIncluding\": \"13.1.5\", \"matchCriteriaId\": \"5326759A-AFB0-4A15-B4E9-3C9A2E5DB32A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.5\", \"matchCriteriaId\": \"57D92D05-C67D-437E-88F3-DCC3F6B0ED2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndIncluding\": \"15.1.10\", \"matchCriteriaId\": \"ECCB8C30-861E-4E48-A5F5-30EE523C1FB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.0\", \"versionEndIncluding\": \"16.1.4\", \"matchCriteriaId\": \"F5FEAD2A-3A58-432E-BEBB-6E3FDE24395F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AB23AE6-245E-43D6-B832-933F8259F937\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.9.5\", \"versionEndIncluding\": \"1.25.2\", \"matchCriteriaId\": \"1188B4A9-2684-413C-83D1-E91C75AE0FCF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.0.0\", \"versionEndIncluding\": \"2.4.2\", \"matchCriteriaId\": \"3337609D-5291-4A52-BC6A-6A8D4E60EB20\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.0.0\", \"versionEndIncluding\": \"3.3.0\", \"matchCriteriaId\": \"6CF0ABD9-EB28-4966-8C31-EED7AFBF1527\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"r25\", \"versionEndExcluding\": \"r29\", \"matchCriteriaId\": \"F291CB34-47A4-425A-A200-087CC295AEC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"5892B558-EC3A-43FF-A1D5-B2D9F70796F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"96BF2B19-52C7-4051-BA58-CAE6F912B72F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.5.0\", \"versionEndIncluding\": \"8.5.93\", \"matchCriteriaId\": \"ABD26B48-CC80-4FAE-BD3D-78DE4C80C92B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.0.0\", \"versionEndIncluding\": \"9.0.80\", \"matchCriteriaId\": \"F3EC20B6-B2AB-41F5-9BF9-D16C1FE67C34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.1.0\", \"versionEndIncluding\": \"10.1.13\", \"matchCriteriaId\": \"0765CC3D-AB1A-4147-8900-EF4C105321F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1AA7FF6-E8E7-4BF6-983E-0A99B0183008\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*\", \"matchCriteriaId\": \"57088BDD-A136-45EF-A8A1-2EBF79CEC2CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*\", \"matchCriteriaId\": \"B32D1D7A-A04F-444E-8F45-BB9A9E4B0199\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2AAD52CE-94F5-4F98-A027-9A7E68818CB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*\", \"matchCriteriaId\": \"03A171AF-2EC8-4422-912C-547CDB58CAAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*\", \"matchCriteriaId\": \"538E68C4-0BA4-495F-AEF8-4EF6EE7963CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*\", \"matchCriteriaId\": \"49350A6E-5E1D-45B2-A874-3B8601B3ADCC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F50942F-DF54-46C0-8371-9A476DD3EEA3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*\", \"matchCriteriaId\": \"D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*\", \"matchCriteriaId\": \"98792138-DD56-42DF-9612-3BDC65EEC117\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:swiftnio_http\\\\/2:*:*:*:*:*:swift:*:*\", \"versionEndExcluding\": \"1.28.0\", \"matchCriteriaId\": \"08190072-3880-4EF5-B642-BA053090D95B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*\", \"versionEndExcluding\": \"1.56.3\", \"matchCriteriaId\": \"5F4CDEA9-CB47-4881-B096-DA896E2364F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\", \"versionEndIncluding\": \"1.59.2\", \"matchCriteriaId\": \"E65AF7BC-7DAE-408A-8485-FBED22815F75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*\", \"versionStartIncluding\": \"1.58.0\", \"versionEndExcluding\": \"1.58.3\", \"matchCriteriaId\": \"DD868DDF-C889-4F36-B5E6-68B6D9EA48CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*\", \"matchCriteriaId\": \"FBD991E2-DB5A-4AAD-95BA-4B5ACB811C96\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.0.0\", \"versionEndExcluding\": \"6.0.23\", \"matchCriteriaId\": \"4496821E-BD55-4F31-AD9C-A3D66CBBD6BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.0.0\", \"versionEndExcluding\": \"7.0.12\", \"matchCriteriaId\": \"8DF7ECF6-178D-433C-AA21-BAE9EF248F37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.0.0\", \"versionEndExcluding\": \"6.0.23\", \"matchCriteriaId\": \"1C3418F4-B8BF-4666-BB39-C188AB01F45C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.0.0\", \"versionEndExcluding\": \"7.0.12\", \"matchCriteriaId\": \"1278DD1C-EFA9-4316-AD32-24C1B1FB0CEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2023-10-08\", \"matchCriteriaId\": \"3BDFB0FF-0F4A-4B7B-94E8-ED72A8106314\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.0\", \"versionEndExcluding\": \"17.2.20\", \"matchCriteriaId\": \"16A8F269-E07E-402F-BFD5-60F3988A5EAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.4\", \"versionEndExcluding\": \"17.4.12\", \"matchCriteriaId\": \"C4B2B972-69E2-4D21-9A7C-B2AFF1D89EB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.6\", \"versionEndExcluding\": \"17.6.8\", \"matchCriteriaId\": \"DA5834D4-F52F-41C0-AA11-C974FFEEA063\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.7\", \"versionEndExcluding\": \"17.7.5\", \"matchCriteriaId\": \"2166106F-ACD6-4C7B-B0CC-977B83CC5F73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*\", \"versionEndExcluding\": \"10.0.14393.6351\", \"matchCriteriaId\": \"4CD49C41-6D90-47D3-AB4F-4A74169D3A8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\", \"versionEndExcluding\": \"10.0.14393.6351\", \"matchCriteriaId\": \"BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.17763.4974\", \"matchCriteriaId\": \"E500D59C-6597-45E9-A57B-BE26C0C231D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.19044.3570\", \"matchCriteriaId\": \"C9F9A643-90C6-489C-98A0-D2739CE72F86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.19045.3570\", \"matchCriteriaId\": \"1814619C-ED07-49E0-A50A-E28D824D43BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.22000.2538\", \"matchCriteriaId\": \"100A27D3-87B0-4E72-83F6-7605E3F35E63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.0.22621.2428\", \"matchCriteriaId\": \"C6A36795-0238-45C9-ABE6-3DCCF751915B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB79EE26-FC32-417D-A49C-A1A63165A968\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"821614DD-37DD-44E2-A8A4-FE8D23A33C3C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\", \"versionStartIncluding\": \"18.0.0\", \"versionEndExcluding\": \"18.18.2\", \"matchCriteriaId\": \"C61F0294-5C7E-4DB2-8905-B85D0782F35F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"20.0.0\", \"versionEndExcluding\": \"20.8.1\", \"matchCriteriaId\": \"69843DE4-4721-4F0A-A9B7-0F6DF5AAA388\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2023-10-11\", \"matchCriteriaId\": \"B25279EF-C406-4133-99ED-0492703E0A4E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2023-10-10\", \"matchCriteriaId\": \"9FFFF84B-F35C-43DE-959A-A5D10C3AE9F5\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2023.10.16.00\", \"matchCriteriaId\": \"9DCE8C89-7C22-48CA-AF22-B34C8AA2CB8C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.6.1\", \"matchCriteriaId\": \"EDEB508E-0EBD-4450-9074-983DDF568AB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.0\", \"versionEndExcluding\": \"8.1.9\", \"matchCriteriaId\": \"93A1A748-6C71-4191-8A16-A93E94E2CDE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.0.0\", \"versionEndExcluding\": \"9.2.3\", \"matchCriteriaId\": \"4E4BCAF6-B246-41EC-9EE1-24296BFC4F5A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.5.0\", \"matchCriteriaId\": \"6F70360D-6214-46BA-AF82-6AB01E13E4E9\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA6FEEC2-9F11-4643-8827-749718254FED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.2.2\", \"matchCriteriaId\": \"E2DA759E-1AF8-49D3-A3FC-1B426C13CA82\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.17.6\", \"matchCriteriaId\": \"28BE6F7B-AE66-4C8A-AAFA-F1262671E9BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.18.0\", \"versionEndExcluding\": \"1.18.3\", \"matchCriteriaId\": \"F0C8E760-C8D2-483A-BBD4-6A6D292A3874\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.19.0\", \"versionEndExcluding\": \"1.19.1\", \"matchCriteriaId\": \"5D0F78BB-6A05-4C97-A8DB-E731B6CC8CC7\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2023-10-10\", \"matchCriteriaId\": \"050AE218-3871-44D6-94DA-12D84C2093CB\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.10.5\", \"matchCriteriaId\": \"B36BFFB0-C0EC-4926-A1DB-0B711C846A68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"376EAF9B-E994-4268-9704-0A45EA30270F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3D08335-C291-4623-B80C-3B14C4D1FA32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*\", \"matchCriteriaId\": \"21033CEE-CEF5-4B0D-A565-4A6FC764AA6D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*\", \"versionEndExcluding\": \"2023-10-11\", \"matchCriteriaId\": \"FC4C66B1-42C0-495D-AE63-2889DE0BED84\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*\", \"versionStartIncluding\": \"2.12.0\", \"versionEndIncluding\": \"2.12.5\", \"matchCriteriaId\": \"8633E263-F066-4DD8-A734-90207207A873\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*\", \"matchCriteriaId\": \"34A23BD9-A0F4-4D85-8011-EAC93C29B4E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*\", \"matchCriteriaId\": \"27ED3533-A795-422F-B923-68BE071DC00D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*\", \"matchCriteriaId\": \"45F7E352-3208-4188-A5B1-906E00DF9896\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*\", \"matchCriteriaId\": \"DF89A8AD-66FE-439A-B732-CAAB304D765B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.26.0\", \"matchCriteriaId\": \"A400C637-AF18-4BEE-B57C-145261B65DEC\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"653A5B08-0D02-4362-A8B1-D00B24C6C6F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B0E6B4B-BAA6-474E-A18C-72C9719CEC1F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0FD736A-8730-446A-BA3A-7B608DB62B0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4C504B6-3902-46E2-82B7-48AEC9CDD48D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B4BE2D6-43C3-4065-A213-5DB1325DC78F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D54F5AE-61EC-4434-9D5F-9394A3979894\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE29B9D6-63DC-4779-ACE8-4E51E6A0AF37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E37E1B3-6F68-4502-85D6-68333643BDFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D5A7736-A403-4617-8790-18E46CB74DA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33F13B03-69BF-4A8B-A0A0-7F47FD857461\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9393119E-F018-463F-9548-60436F104195\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC45EE1E-2365-42D4-9D55-92FA24E5ED3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E567CD9F-5A43-4D25-B911-B5D0440698F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68146098-58F8-417E-B165-5182527117C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB4D6790-63E5-4043-B8BE-B489D649061D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78698F40-0777-4990-822D-02E1B5D0E2C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B87C8AD3-8878-4546-86C2-BF411876648C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF03BDE8-602D-4DEE-BA5B-5B20FDF47741\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A58966CB-36AF-4E64-AB39-BE3A0753E155\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"585BC540-073B-425B-B664-5EA4C00AFED6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B453CF7-9AA6-4B94-A003-BF7AE0B82F53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD354E32-A8B0-484C-B4C6-9FBCD3430D2D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72A54BDA-311C-413B-8E4D-388AD65A170A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A305F012-544E-4245-9D69-1C8CD37748B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B40CCE4F-EA2C-453D-BB76-6388767E5C6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF93A27E-AA2B-4C2E-9B8D-FE7267847326\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B12A3A8-6456-481A-A0C9-524543FCC149\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C2E7E3C-A507-4AB2-97E5-4944D8775CF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E22EBF9-AA0D-4712-9D69-DD97679CE835\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"941B114C-FBD7-42FF-B1D8-4EA30E99102C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"339CFB34-A795-49F9-BF6D-A00F3A1A4F63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D044DBE-6F5A-4C53-828E-7B1A570CACFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E23FA47F-B967-44AD-AB76-1BB2CAD3CA5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*\", \"matchCriteriaId\": \"65203CA1-5225-4E55-A187-6454C091F532\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BF8EFFB-5686-4F28-A68F-1A8854E098CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"932D137F-528B-4526-9A89-CD59FA1AB0FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DA9B2E2-958B-478D-87D6-E5CDDCD44315\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3F5FF1E-5DA3-4EC3-B41A-A362BDFC4C69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97321212-0E07-4CC2-A917-7B5F61AB9A5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF390236-3259-4C8F-891C-62ACC4386CD1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0AAA300-691A-4957-8B69-F6888CC971B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45937289-2D64-47CB-A750-5B4F0D4664A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B129311C-EB4B-4041-B85C-44D5E53FCAA3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1AB54DB-3FB4-41CB-88ED-1400FD22AB85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77675CB7-67D7-44E9-B7FF-D224B3341AA5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A76A2BCE-4AAE-46D7-93D6-2EDE0FC83145\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C877879-B84B-471C-80CF-0656521CA8AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCC81071-B46D-4F5D-AC25-B4A4CCC20C73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E315FC5C-FF19-43C9-A58A-CF2A5FF13824\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20A6B40D-F991-4712-8E30-5FE008505CB7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1987BDA-0113-4603-B9BE-76647EB043F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D482A3D2-6E9B-42BA-9926-35E5BDD5F3BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"848C92A9-0677-442B-8D52-A448F2019903\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F564701-EDC1-43CF-BB9F-287D6992C6CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12B0CF2B-D1E1-4E20-846E-6F0D873499A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8885C2C-7FB8-40CA-BCB9-B48C50BF2499\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D88B140-D2A1-4A0A-A2E9-1A3B50C295AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4CFF558-3C47-480D-A2F0-BABF26042943\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A903C3AD-2D25-45B5-BF4A-A5BEB2286627\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC5EBD2A-32A3-46D5-B155-B44DCB7F6902\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.5.3\", \"matchCriteriaId\": \"C2792650-851F-4820-B003-06A4BEA092D7\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*\", \"versionEndExcluding\": \"3.4.2\", \"matchCriteriaId\": \"9F6B63B9-F4C9-4A3F-9310-E0918E1070D1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*\", \"versionEndIncluding\": \"2.414.2\", \"matchCriteriaId\": \"E6FF5F80-A991-43D4-B49F-D843E2BC5798\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*\", \"versionEndIncluding\": \"2.427\", \"matchCriteriaId\": \"54D25DA9-12D0-4F14-83E6-C69D0293AAB9\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"9.4.0\", \"matchCriteriaId\": \"8E1AFFB9-C717-4727-B0C9-5A0C281710E2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.21.4.3\", \"matchCriteriaId\": \"25C85001-E0AB-4B01-8EE7-1D9C77CD956E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"11.1\", \"matchCriteriaId\": \"F98F9D27-6659-413F-8F29-4FDB0882AAC5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.1.3\", \"matchCriteriaId\": \"C98BF315-C563-47C2-BAD1-63347A3D1008\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:crosswork_data_gateway:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"705CBA49-21C9-4400-B7B9-71CDF9F97D8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.0.0\", \"matchCriteriaId\": \"AA2BE0F1-DD16-4876-8EBA-F187BD38B159\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"796B6C58-2140-4105-A2A1-69865A194A75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEA99DC6-EA03-469F-A8BE-7F96FDF0B333\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"x14.3.3\", \"matchCriteriaId\": \"6560DBF4-AFE6-4672-95DE-74A0B8F4170A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.4.2\", \"matchCriteriaId\": \"84785919-796D-41E5-B652-6B5765C81D4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.11.0\", \"matchCriteriaId\": \"92A74A1A-C69F-41E6-86D0-D6BB1C5D0A1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"9.3.3\", \"matchCriteriaId\": \"6FE7BA33-2AC0-4A85-97AD-6D77F20BA2AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.2.1\", \"matchCriteriaId\": \"4FE2F959-1084-48D1-B1F1-8182FC9862DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.10.4\", \"matchCriteriaId\": \"5CC17E6B-D7AB-40D7-AEC5-F5B555AC4D7F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"11.2\", \"matchCriteriaId\": \"1BB6B48E-EA36-40A0-96D0-AF909BEC1147\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.2.0\", \"matchCriteriaId\": \"2CBED844-7F94-498C-836D-8593381A9657\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.19.2\", \"matchCriteriaId\": \"C170DBA1-0899-4ECC-9A0D-8FEB1DA1B510\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"x14.3.3\", \"matchCriteriaId\": \"358FA1DC-63D3-49F6-AC07-9E277DD0D9DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2024.01.0\", \"matchCriteriaId\": \"BFF2D182-7599-4B81-B56B-F44EDA1384C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4868BCCA-24DE-4F24-A8AF-B3A545C0396E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2024.02.0\", \"matchCriteriaId\": \"194F7A1F-FD43-4FF7-9AE2-C13AA5567E8A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2024.02.0\", \"matchCriteriaId\": \"BEC75F99-C7F0-47EB-9032-C9D3A42EBA20\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6638F4E-16F7-447D-B755-52640BCB1C61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC34F742-530E-4AB4-8AFC-D1E088E256B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D31CC0E9-8E21-436B-AB84-EA1B1BC60DCD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"12.6.2\", \"matchCriteriaId\": \"E22AD683-345B-4E16-BB9E-E9B1783E09AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5C0D694-9E24-4782-B35F-D7C3E3B0F2ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.22\", \"matchCriteriaId\": \"2955BEE9-F567-4006-B96D-92E10FF84DB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"17.15.1\", \"matchCriteriaId\": \"67502878-DB20-4410-ABA0-A1C5705064CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.11.2\", \"matchCriteriaId\": \"177DED2D-8089-4494-BDD9-7F84FC06CD5B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"15.1.0\", \"matchCriteriaId\": \"54A29FD3-4128-4333-8445-A7DD04A6ECF6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67074526-9933-46B3-9FE3-A0BE73C5E8A7\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.2\\\\(7\\\\)\", \"matchCriteriaId\": \"EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.3\\\\(1\\\\)\", \"versionEndExcluding\": \"10.3\\\\(5\\\\)\", \"matchCriteriaId\": \"0A236A0A-6956-4D79-B8E5-B2D0C79FAE88\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"528ED62B-D739-4E06-AC64-B506FD73BBAB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC2A6C31-438A-4CF5-A3F3-364B1672EB7D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76C10D85-88AC-4A79-8866-BED88A0F8DF8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09AC2BAD-F536-48D0-A2F0-D4E290519EB6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F4E8EE4-031D-47D3-A12E-EE5F792172EE\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8FF2EC4-0C09-4C00-9956-A2A4A894F63D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D14D4B4E-120E-4607-A4F1-447C7BF3052E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15702ACB-29F3-412D-8805-E107E0729E35\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E930332-CDDD-48D5-93BC-C22D693BBFA2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29B34855-D8D2-4114-80D2-A4D159C62458\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BF4B8FE-E134-4491-B5C2-C1CFEB64731B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4226DA0-9371-401C-8247-E6E636A116C3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7664666F-BCE4-4799-AEEA-3A73E6AD33F4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3DBBFE9-835C-4411-8492-6006E74BAC65\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3293438-3D18-45A2-B093-2C3F65783336\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C97C29EE-9426-4BBE-8D84-AB5FF748703D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3132q-x\\\\/3132q-xl:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E142C18F-9FB5-4D96-866A-141D7D16CAF7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F43B770-D96C-44EA-BC12-9F39FC4317B9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7817F4E6-B2DA-4F06-95A4-AF329F594C02\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CED628B5-97A8-4B26-AA40-BEC854982157\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BB9DD73-E31D-4921-A6D6-E14E04703588\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3172pq\\\\/pq-xl:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8EFC116A-627F-4E05-B631-651D161217C8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4532F513-0543-4960-9877-01F23CA7BA1B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B43502B-FD53-465A-B60F-6A359C6ACD99\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3229124-B097-4AAC-8ACD-2F9C89DCC3AB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32A532C0-B0E3-484A-B356-88970E7D0248\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C84D24C-2256-42AF-898A-221EBE9FE1E4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"652A2849-668D-4156-88FB-C19844A59F33\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D008CA1C-6F5A-40EA-BB12-A9D84D5AF700\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24FBE87B-8A4F-43A8-98A3-4A7D9C630937\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6ACD09AC-8B28-4ACB-967B-AB3D450BC137\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43913A0E-50D5-47DD-94D8-DD3391633619\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D397349-CCC6-479B-9273-FB1FFF4F34F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC7286A7-780F-4A45-940A-4AD5C9D0F201\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA52D5C1-13D8-4D23-B022-954CCEF491F1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F7AF8D7-431B-43CE-840F-CC0817D159C0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DAC204C8-1A5A-4E85-824E-DC9B8F6A802D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8E1073F-D374-4311-8F12-AD8C72FAA293\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EAF5AF71-15DF-4151-A1CF-E138A7103FC8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10F80A72-AD54-4699-B8AE-82715F0B58E2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3524-x\\\\/xl:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E505C0B1-2119-4C6A-BF96-C282C633D169\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9354B6A2-D7D6-442E-BF4C-FE8A336D9E94\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"088C0323-683A-44F5-8D42-FF6EC85D080E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"74CB4002-7636-4382-B33E-FBA060A13C34\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3548-x\\\\/xl:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"915EF8F6-6039-4DD0-B875-30D911752B74\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10CEBF73-3EE0-459A-86C5-F8F6243FE27C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97217080-455C-48E4-8CE1-6D5B9485864F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95D2C4C3-65CE-4612-A027-AF70CEFC3233\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57572E4A-78D5-4D1A-938B-F05F01759612\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.2\\\\(7\\\\)\", \"matchCriteriaId\": \"EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.3\\\\(1\\\\)\", \"versionEndExcluding\": \"10.3\\\\(5\\\\)\", \"matchCriteriaId\": \"0A236A0A-6956-4D79-B8E5-B2D0C79FAE88\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CD9C1F1-8582-4F67-A77D-97CBFECB88B8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"532CE4B0-A3C9-4613-AAAF-727817D06FB4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24CA1A59-2681-4507-AC74-53BD481099B9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4283E433-7F8C-4410-B565-471415445811\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FFB9FDE8-8533-4F65-BF32-4066D042B2F7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F80AB6FB-32FD-43D7-A9F1-80FA47696210\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AA5389A-8AD1-476E-983A-54DF573C30F5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5B2E4C1-2627-4B9D-8E92-4B483F647651\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1B1A8F1-45B1-4E64-A254-7191FA93CB6D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83DA8BFA-D7A2-476C-A6F5-CAE610033BC2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"557ED31C-C26A-4FAE-8B14-D06B49F7F08B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11411BFD-3F4D-4309-AB35-A3629A360FB0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB2FFD26-8255-4351-8594-29D2AEFC06EF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E663DE91-C86D-48DC-B771-FA72A8DF7A7C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61E10975-B47E-4F4D-8096-AEC7B7733612\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A90184B3-C82F-4CE5-B2AD-97D5E4690871\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"40E40F42-632A-47DF-BE33-DC25B826310B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16C64136-89C2-443C-AF7B-BED81D3DE25A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBEF7F26-BB47-44BD-872E-130820557C23\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07DE6F63-2C7D-415B-8C34-01EC05C062F3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"182000E0-8204-4D8B-B7DE-B191AFE12E28\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F423E45D-A6DD-4305-9C6A-EAB26293E53A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDC208BC-7E19-48C6-A20E-A79A51B7362C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"102F91CD-DFB6-43D4-AE5B-DA157A696230\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E952A96A-0F48-4357-B7DD-1127D8827650\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"084D0191-563B-4FF0-B589-F35DA118E1C6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7DB6FC5-762A-4F16-AE8C-69330EFCF640\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F70D81F1-8B12-4474-9060-B4934D8A3873\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5394DE31-3863-4CA9-B7B1-E5227183100D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"968390BC-B430-4903-B614-13104BFAE635\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7349D69B-D8FA-4462-AA28-69DD18A652D9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE4BB834-2C00-4384-A78E-AF3BCDDC58AF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CE49B45-F2E9-491D-9C29-1B46E9CE14E2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BFAD21E-59EE-4CCE-8F1E-621D2EA50905\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91231DC6-2773-4238-8C14-A346F213B5E5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DF88547-BAF4-47B0-9F60-80A30297FCEB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02C3CE6D-BD54-48B1-A188-8E53DA001424\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"498991F7-39D6-428C-8C7D-DD8DC72A0346\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"113772B6-E9D2-4094-9468-3F4E1A87D07D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7B90D36-5124-4669-8462-4EAF35B0F53D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C45A38D6-BED6-4FEF-AD87-A1E813695DE0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1FC2B1F-232E-4754-8076-CC82F3648730\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F1127D2-12C0-454F-91EF-5EE334070D06\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D6EB963-E0F2-4A02-8765-AB2064BE19E9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"785FD17C-F32E-4042-9DDE-A89B3AAE0334\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEAAF99B-5406-4722-81FB-A91CBAC2DF41\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73DC1E93-561E-490C-AE0E-B02BAB9A7C8E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CF467E2-4567-426E-8F48-39669E0F514C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63842B25-8C32-4988-BBBD-61E9CB09B4F3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68EA1FEF-B6B6-49FE-A0A4-5387F76303F8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"40D6DB7F-C025-4971-9615-73393ED61078\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4364ADB9-8162-451D-806A-B98924E6B2CF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B53BCB42-ED61-4FCF-8068-CB467631C63C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"737C724A-B6CD-4FF7-96E0-EBBF645D660E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7067AEC7-DFC8-4437-9338-C5165D9A8F36\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49E0371B-FDE2-473C-AA59-47E1269D050F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"489D11EC-5A18-4F32-BC7C-AC1FCEC27222\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71D4CF15-B293-4403-A1A9-96AD3933BAEF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DBCC1515-2DBE-4DF2-8E83-29A869170F36\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BC5293E-F2B4-46DC-85DA-167EA323FCFD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7282AAFF-ED18-4992-AC12-D953C35EC328\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA022E77-6557-4A33-9A3A-D028E2DB669A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"360409CC-4172-4878-A76B-EA1C1F8C7A79\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8D5D5E2-B40B-475D-9EF3-8441016E37E9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63BE0266-1C00-4D6A-AD96-7F82532ABAA7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73F59A4B-AE92-4533-8EDC-D1DD850309FF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"492A2C86-DD38-466B-9965-77629A73814F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FB7AA46-4018-4925-963E-719E1037F759\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31B9D1E4-10B9-4B6F-B848-D93ABF6486D6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9500_supervisor_a\\\\+:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB270C45-756E-400A-979F-D07D750C881A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E8A085C-2DBA-4269-AB01-B16019FBB4DA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9500_supervisor_b\\\\+:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A79DD582-AF68-44F1-B640-766B46EF2BE2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B04484DA-AA59-4833-916E-6A8C96D34F0D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"768BE390-5ED5-48A7-9E80-C4DE8BA979B1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D07B5399-44C7-468D-9D57-BB5B5E26CE50\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDC2F709-AFBE-48EA-A3A2-DA1134534FB6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B76FB64F-16F0-4B0B-B304-B46258D434BA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E02DC82-0D26-436F-BA64-73C958932B0A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E128053-834B-4DD5-A517-D14B4FC2B56F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"163743A1-09E7-4EC5-8ECA-79E4B9CE173B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE340E4C-DC48-4FC8-921B-EE304DB5AE0A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C367BBE0-D71F-4CB5-B50E-72B033E73FE1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85E1D224-4751-4233-A127-A041068C804A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD31B075-01B1-429E-83F4-B999356A0EB9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3284D16F-3275-4F8D-8AE4-D413DE19C4FA\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\"}, {\"lang\": \"es\", \"value\": \"El protocolo HTTP/2 permite una denegaci\\u00f3n de servicio (consumo de recursos del servidor) porque la cancelaci\\u00f3n de solicitudes puede restablecer muchas transmisiones r\\u00e1pidamente, como se explot\\u00f3 en la naturaleza entre agosto y octubre de 2023.\"}]",
"id": "CVE-2023-44487",
"lastModified": "2024-12-20T17:40:52.067",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2023-10-10T14:15:10.883",
"references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/4\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/9\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/4\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/8\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/19/6\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/20/8\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-44487\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Press/Media Coverage\", \"Third Party Advisory\"]}, {\"url\": \"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Technical Description\"]}, {\"url\": \"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\", \"source\": \"cve@mitre.org\", \"tags\": [\"Press/Media Coverage\", \"Third Party Advisory\"]}, {\"url\": \"https://blog.vespa.ai/cve-2023-44487/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1216123\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Technical Description\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\", \"source\": \"cve@mitre.org\", \"tags\": [\"Technical Description\"]}, {\"url\": \"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\", \"source\": \"cve@mitre.org\", \"tags\": [\"Technical Description\", \"Third Party Advisory\"]}, {\"url\": \"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/Azure/AKS/issues/3947\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/Kong/kong/discussions/11741\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/advisories/GHSA-vx74-f528-fxqg\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/akka/akka-http/issues/4323\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/alibaba/tengine/issues/1872\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/apache/apisix/issues/10320\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/apache/httpd-site/pull/10\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\", \"source\": \"cve@mitre.org\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Product\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/apache/trafficserver/pull/10564\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/bcdannyboy/CVE-2023-44487\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/caddyserver/caddy/issues/5877\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/dotnet/announcements/issues/277\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Mitigation\"]}, {\"url\": \"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\", \"source\": \"cve@mitre.org\", \"tags\": [\"Product\", \"Release Notes\"]}, {\"url\": \"https://github.com/eclipse/jetty.project/issues/10679\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/envoyproxy/envoy/pull/30055\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/etcd-io/etcd/issues/16740\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/facebook/proxygen/pull/466\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/golang/go/issues/63417\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/grpc/grpc-go/pull/6703\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/h2o/h2o/pull/3291\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/haproxy/haproxy/issues/2312\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\", \"source\": \"cve@mitre.org\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/junkurihara/rust-rpxy/issues/97\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/issues/93\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/kubernetes/kubernetes/pull/121120\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/line/armeria/pull/5232\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/micrictor/http2-rst-stream\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/microsoft/CBL-Mariner/pull/6381\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/pull/1961\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/ninenines/cowboy/issues/1615\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/nodejs/node/pull/50121\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/openresty/openresty/issues/930\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/opensearch-project/data-prepper/issues/3474\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/oqtane/oqtane.framework/discussions/3367\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/projectcontour/contour/pull/5826\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/tempesta-tech/tempesta/issues/1986\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/varnishcache/varnish-cache/issues/3996\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Release Notes\"]}, {\"url\": \"https://istio.io/latest/news/security/istio-security-2023-004/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://my.f5.com/manage/s/article/K000137106\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://netty.io/news/2023/10/10/4-1-100-Final.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830987\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830998\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37831062\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37837043\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231016-0001/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0007/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0007/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2023-44487\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-44487\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\", \"source\": \"cve@mitre.org\", \"tags\": [\"Press/Media Coverage\", \"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5521\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5522\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5540\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5549\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5558\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5570\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mitigation\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/10/10/6\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\", \"source\": \"cve@mitre.org\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Press/Media Coverage\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/19/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/20/8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-44487\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Press/Media Coverage\", \"Third Party Advisory\"]}, {\"url\": \"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Technical Description\", \"Vendor Advisory\"]}, {\"url\": \"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Press/Media Coverage\", \"Third Party Advisory\"]}, {\"url\": \"https://blog.vespa.ai/cve-2023-44487/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1216123\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Technical Description\", \"Vendor Advisory\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Technical Description\", \"Vendor Advisory\"]}, {\"url\": \"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Technical Description\", \"Third Party Advisory\"]}, {\"url\": \"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/Azure/AKS/issues/3947\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/Kong/kong/discussions/11741\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/advisories/GHSA-vx74-f528-fxqg\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Patch\"]}, {\"url\": \"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/akka/akka-http/issues/4323\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/alibaba/tengine/issues/1872\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/apache/apisix/issues/10320\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/apache/httpd-site/pull/10\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/apache/trafficserver/pull/10564\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/bcdannyboy/CVE-2023-44487\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/caddyserver/caddy/issues/5877\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/dotnet/announcements/issues/277\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/eclipse/jetty.project/issues/10679\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/envoyproxy/envoy/pull/30055\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/etcd-io/etcd/issues/16740\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/facebook/proxygen/pull/466\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/golang/go/issues/63417\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/grpc/grpc-go/pull/6703\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/h2o/h2o/pull/3291\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/haproxy/haproxy/issues/2312\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/junkurihara/rust-rpxy/issues/97\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/issues/93\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/kubernetes/kubernetes/pull/121120\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/line/armeria/pull/5232\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/micrictor/http2-rst-stream\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/microsoft/CBL-Mariner/pull/6381\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/pull/1961\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/ninenines/cowboy/issues/1615\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/nodejs/node/pull/50121\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/openresty/openresty/issues/930\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/opensearch-project/data-prepper/issues/3474\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/oqtane/oqtane.framework/discussions/3367\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/projectcontour/contour/pull/5826\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://github.com/tempesta-tech/tempesta/issues/1986\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://github.com/varnishcache/varnish-cache/issues/3996\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Vendor Advisory\"]}, {\"url\": \"https://istio.io/latest/news/security/istio-security-2023-004/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://my.f5.com/manage/s/article/K000137106\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://netty.io/news/2023/10/10/4-1-100-Final.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830987\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830998\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Press/Media Coverage\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37831062\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37837043\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231016-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0007/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0007/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2023-44487\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-44487\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Press/Media Coverage\", \"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5521\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5522\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5540\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5549\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5558\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5570\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/10/10/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Press/Media Coverage\"]}, {\"url\": \"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Press/Media Coverage\", \"Third Party Advisory\"]}, {\"url\": \"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-400\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-44487\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-10-10T14:15:10.883\",\"lastModified\":\"2026-06-17T06:27:44.067\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\"},{\"lang\":\"es\",\"value\":\"El protocolo HTTP/2 permite una denegaci\u00f3n de servicio (consumo de recursos del servidor) porque la cancelaci\u00f3n de solicitudes puede restablecer muchas transmisiones r\u00e1pidamente, como se explot\u00f3 en la naturaleza entre agosto y octubre de 2023.\"}],\"affected\":[{\"source\":\"cve@mitre.org\",\"affectedData\":[{\"vendor\":\"n/a\",\"product\":\"n/a\",\"versions\":[{\"version\":\"n/a\",\"status\":\"affected\"}]}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"affectedData\":[{\"vendor\":\"ietf\",\"product\":\"http\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\"],\"versions\":[{\"version\":\"2.0\",\"status\":\"affected\"}]}]},{\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"affectedData\":[{\"vendor\":\"Siemens\",\"product\":\"RUGGEDCOM APE1808\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SINEC NMS\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"V3.0\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-07-23T20:34:21.334116Z\",\"id\":\"CVE-2023-44487\",\"options\":[{\"exploitation\":\"active\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"cisaExploitAdd\":\"2023-10-10\",\"cisaActionDue\":\"2023-10-31\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"HTTP/2 Rapid Reset Attack Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"2A7548B8-3DF7-46D9-8A4F-87C38969D900\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4_pn\\\\/dp_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B1EE93D-BAD2-4B86-910C-8784FCC9F398\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0\",\"matchCriteriaId\":\"C89891C1-DFD7-4E1F-80A9-7485D86A15B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4664B195-AF14-4834-82B3-0B2C98020EB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"75BC588E-CDF0-404E-AD61-02093A1DF343\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A334F7B4-7283-4453-BAED-D2E01B7F8A6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6BEA71C-CA81-4B5D-A688-2B21E62DC351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B405F22-5517-49F5-A7CA-1E50D58DFC75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"AE06B8AF-B36C-4743-A056-30712163F75B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:st7_scadaconnect:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.1\",\"matchCriteriaId\":\"BCBD17AE-C1AE-4ECF-A991-0FFBDD06D687\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_ape1808_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37FDCA69-9049-40B4-88AF-F476901022B6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_ape1808:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B89A6863-B602-4404-8D26-337FECABFFF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"99E36624-A573-47D9-B158-B18A8A822FBA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\\\/dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40F38253-92F5-4A3A-AA07-292F7542D8A6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_s7-1500_cpu_1518-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"19F1C257-0EE6-47DE-B4BE-169F801FFDD8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_s7-1500_cpu_1518-4_pn\\\\/dp_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2F63E0A-126D-4A93-8159-45EB5E606F81\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5200E35-222B-42E0-83E0-5B702684D992\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.57.0\",\"matchCriteriaId\":\"C3BDC297-F023-4E87-8518-B84CCF9DD6A8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.100\",\"matchCriteriaId\":\"D12D5257-7ED2-400F-9EF7-40E0D3650C2B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B058776-B5B7-4079-B0AF-23F40926DCEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D565975-EFD9-467C-B6E3-1866A4EF17A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D487271-1B5E-4F16-B0CB-A7B8908935C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA6ED627-EFB3-4BDD-8ECC-C5947A1470B2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.53\",\"matchCriteriaId\":\"A4A6F189-6C43-462D-85C9-B0EBDA8A4683\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.17\",\"matchCriteriaId\":\"C993C920-85C0-4181-A95E-5D965A670738\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.17\",\"matchCriteriaId\":\"08E79A8E-E12C-498F-AF4F-1AAA7135661E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.0.2\",\"matchCriteriaId\":\"F138D800-9A3B-4C76-8A3C-4793083A1517\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.5\",\"matchCriteriaId\":\"6341DDDA-AD27-4087-9D59-0A212F0037B4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.20.10\",\"matchCriteriaId\":\"328120E4-C031-44B4-9BE5-03B0CDAA066F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.21.0\",\"versionEndExcluding\":\"1.21.3\",\"matchCriteriaId\":\"5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"D7D2F801-6F65-4705-BCB9-D057EA54A707\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"801F25DA-F38C-4452-8E90-235A3B1A5FF0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"D93F04AD-DF14-48AB-9F13-8B2E491CF42E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7522C760-7E07-406F-BF50-5656D5723C4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"3A7F605E-EB10-40FB-98D6-7E3A95E310BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"783E62F2-F867-48F1-B123-D1227C970674\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"6603ED6A-3366-4572-AFCD-B3D4B1EC7606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"88978E38-81D3-4EFE-8525-A300B101FA69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"0510296F-92D7-4388-AE3A-0D9799C2FC4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D7698D6C-B1F7-43C1-BBA6-88E956356B3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"05E452AA-A520-4CBE-8767-147772B69194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"596FC5D5-7329-4E39-841E-CAE937C02219\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"B3C7A168-F370-441E-8790-73014BCEC39F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"CF16FD01-7704-40AB-ACB2-80A883804D22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1769D69A-CB59-46B1-89B3-FB97DC6DEB9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"9167FEC1-2C37-4946-9657-B4E69301FB24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7B4B3442-E0C0-48CD-87AD-060E15C9801E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"8FA85EC1-D91A-49DD-949B-2AF7AC813CA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"20662BB0-4C3D-4CF0-B068-3555C65DD06C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59203EBF-C52A-45A1-B8DF-00E17E3EFB51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"7EC2324D-EC8B-41DF-88A7-819E53AAD0FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"9B88F9D1-B54B-40C7-A18A-26C4A071D7EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"C8F39403-C259-4D6F-9E9A-53671017EEDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"220F2D38-FA82-45EF-B957-7678C9FEDBC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C698C1C-A3DD-46E2-B05A-12F2604E7F85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"922AA845-530A-4B4B-9976-4CBC30C8A324\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"F938EB43-8373-47EB-B269-C6DF058A9244\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"1771493E-ACAA-477F-8AB4-25DB12F6AD6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"5E86F3D5-65A4-48CE-A6A2-736BBB88E3F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87670A74-34FE-45DF-A725-25B804C845B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"C7E422F6-C4C2-43AC-B137-0997B5739030\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"CC3F710F-DBCB-4976-9719-CF063DA22377\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"4B9B76A1-7C5A-453F-A4ED-F1A81BCEBEB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"88EDFCD9-775C-48FA-9CDA-2B04DA8D0612\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67DB21AE-DF53-442D-B492-C4ED9A20B105\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"4C9FCBCB-9CE0-49E7-85C8-69E71D211912\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"112DFA85-90AD-478D-BD70-8C7C0C074F1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"DB704A1C-D8B7-48BB-A15A-C14DB591FE4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"21D51D9F-2840-4DEA-A007-D20111A1745C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BC1D037-74D2-4F92-89AD-C90F6CBF440B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"CAEF3EA4-7D5A-4B44-9CE3-258AEC745866\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"2FBCE2D1-9D93-415D-AB2C-2060307C305A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"8070B469-8CC4-4D2F-97D7-12D0ABB963C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"A326597E-725D-45DE-BEF7-2ED92137B253\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B235A78-649B-46C5-B24B-AB485A884654\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"08B25AAB-A98C-4F89-9131-29E3A8C0ED23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"ED9B976A-D3AD-4445-BF8A-067C3EBDFBB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"98D2CE1E-DED0-470A-AA78-C78EF769C38E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"C966FABA-7199-4F0D-AB8C-4590FE9D2FFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84D00768-E71B-4FF7-A7BF-F2C8CFBC900D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"E3D2ABA3-D4A9-4267-B0DF-7C3BBEEAEB66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"BC36311E-BB00-4750-85C8-51F5A2604F07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"A65D357E-4B40-42EC-9AAA-2B6CEF78C401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D7EF9865-FE65-4DFB-BF21-62FBCE65FF1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABBD10E8-6054-408F-9687-B9BF6375CA09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"E6018B01-048C-43BB-A78D-66910ED60CA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"3A6A5686-5A8B-45D5-9165-BC99D2CCAC47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"5D2A121F-5BD2-4263-8ED3-1DDE25B5C306\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"0A4F7BAD-3EDD-4DE0-AAB7-DE5ACA34DD79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83794B04-87E2-4CA9-81F5-BB820D0F5395\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"D9EC2237-117F-43BD-ADEC-516CF72E04EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"F70D4B6F-65CF-48F4-9A07-072DFBCE53D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"29563719-1AF2-4BB8-8CCA-A0869F87795D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D24815DD-579A-46D1-B9F2-3BB2C56BC54D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A6E7035-3299-474F-8F67-945EA9A059D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"0360F76D-E75E-4B05-A294-B47012323ED9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7A4607BF-41AC-4E84-A110-74E085FF0445\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"441CC945-7CA3-49C0-AE10-94725301E31D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"46BA8E8A-6ED5-4FB2-8BBC-586AA031085A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"969C4F14-F6D6-46D6-B348-FC1463877680\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.5.0\",\"versionEndIncluding\":\"1.8.2\",\"matchCriteriaId\":\"41AD5040-1250-45F5-AB63-63F333D49BCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"8257AA59-C14D-4EC1-B22C-DFBB92CBC297\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"37DB32BB-F4BA-4FB5-94B1-55C3F06749CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"FFF5007E-761C-4697-8D34-C064DF0ABE8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"910441D3-90EF-4375-B007-D51120A60AB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"667EB77B-DA13-4BA4-9371-EE3F3A109F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"8A6F9699-A485-4614-8F38-5A556D31617E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"5A90F547-97A2-41EC-9FDF-25F869F0FA38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"E76E1B82-F1DC-4366-B388-DBDF16C586A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"660137F4-15A1-42D1-BBAC-99A1D5BB398B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C446827A-1F71-4FAD-9422-580642D26AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"1932D32D-0E4B-4BBD-816F-6D47AB2E2F04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"D47B7691-A95B-45C0-BAB4-27E047F3C379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"2CD1637D-0E42-4928-867A-BA0FDB6E8462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"3A599F90-F66B-4DF0-AD7D-D234F328BD59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D1B2000-C3FE-4B4C-885A-A5076EB164E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"5326759A-AFB0-4A15-B4E9-3C9A2E5DB32A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"57D92D05-C67D-437E-88F3-DCC3F6B0ED2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"ECCB8C30-861E-4E48-A5F5-30EE523C1FB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"F5FEAD2A-3A58-432E-BEBB-6E3FDE24395F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AB23AE6-245E-43D6-B832-933F8259F937\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.9.5\",\"versionEndIncluding\":\"1.25.2\",\"matchCriteriaId\":\"1188B4A9-2684-413C-83D1-E91C75AE0FCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndIncluding\":\"2.4.2\",\"matchCriteriaId\":\"3337609D-5291-4A52-BC6A-6A8D4E60EB20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndIncluding\":\"3.3.0\",\"matchCriteriaId\":\"6CF0ABD9-EB28-4966-8C31-EED7AFBF1527\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"r25\",\"versionEndExcluding\":\"r29\",\"matchCriteriaId\":\"F291CB34-47A4-425A-A200-087CC295AEC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5892B558-EC3A-43FF-A1D5-B2D9F70796F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"96BF2B19-52C7-4051-BA58-CAE6F912B72F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.5.0\",\"versionEndIncluding\":\"8.5.93\",\"matchCriteriaId\":\"ABD26B48-CC80-4FAE-BD3D-78DE4C80C92B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndIncluding\":\"9.0.80\",\"matchCriteriaId\":\"F3EC20B6-B2AB-41F5-9BF9-D16C1FE67C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndIncluding\":\"10.1.13\",\"matchCriteriaId\":\"0765CC3D-AB1A-4147-8900-EF4C105321F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1AA7FF6-E8E7-4BF6-983E-0A99B0183008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*\",\"matchCriteriaId\":\"57088BDD-A136-45EF-A8A1-2EBF79CEC2CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*\",\"matchCriteriaId\":\"B32D1D7A-A04F-444E-8F45-BB9A9E4B0199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AAD52CE-94F5-4F98-A027-9A7E68818CB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*\",\"matchCriteriaId\":\"03A171AF-2EC8-4422-912C-547CDB58CAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*\",\"matchCriteriaId\":\"538E68C4-0BA4-495F-AEF8-4EF6EE7963CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*\",\"matchCriteriaId\":\"49350A6E-5E1D-45B2-A874-3B8601B3ADCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F50942F-DF54-46C0-8371-9A476DD3EEA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*\",\"matchCriteriaId\":\"D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*\",\"matchCriteriaId\":\"98792138-DD56-42DF-9612-3BDC65EEC117\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:swiftnio_http\\\\/2:*:*:*:*:*:swift:*:*\",\"versionEndExcluding\":\"1.28.0\",\"matchCriteriaId\":\"08190072-3880-4EF5-B642-BA053090D95B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"1.56.3\",\"matchCriteriaId\":\"5F4CDEA9-CB47-4881-B096-DA896E2364F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\",\"versionEndIncluding\":\"1.59.2\",\"matchCriteriaId\":\"E65AF7BC-7DAE-408A-8485-FBED22815F75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*\",\"versionStartIncluding\":\"1.58.0\",\"versionEndExcluding\":\"1.58.3\",\"matchCriteriaId\":\"DD868DDF-C889-4F36-B5E6-68B6D9EA48CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*\",\"matchCriteriaId\":\"FBD991E2-DB5A-4AAD-95BA-4B5ACB811C96\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.23\",\"matchCriteriaId\":\"4496821E-BD55-4F31-AD9C-A3D66CBBD6BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.12\",\"matchCriteriaId\":\"8DF7ECF6-178D-433C-AA21-BAE9EF248F37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.23\",\"matchCriteriaId\":\"1C3418F4-B8BF-4666-BB39-C188AB01F45C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.12\",\"matchCriteriaId\":\"1278DD1C-EFA9-4316-AD32-24C1B1FB0CEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-08\",\"matchCriteriaId\":\"3BDFB0FF-0F4A-4B7B-94E8-ED72A8106314\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.0\",\"versionEndExcluding\":\"17.2.20\",\"matchCriteriaId\":\"16A8F269-E07E-402F-BFD5-60F3988A5EAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.4\",\"versionEndExcluding\":\"17.4.12\",\"matchCriteriaId\":\"C4B2B972-69E2-4D21-9A7C-B2AFF1D89EB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.6\",\"versionEndExcluding\":\"17.6.8\",\"matchCriteriaId\":\"DA5834D4-F52F-41C0-AA11-C974FFEEA063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndExcluding\":\"17.7.5\",\"matchCriteriaId\":\"2166106F-ACD6-4C7B-B0CC-977B83CC5F73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.14393.6351\",\"matchCriteriaId\":\"4CD49C41-6D90-47D3-AB4F-4A74169D3A8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.14393.6351\",\"matchCriteriaId\":\"BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.17763.4974\",\"matchCriteriaId\":\"E500D59C-6597-45E9-A57B-BE26C0C231D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19044.3570\",\"matchCriteriaId\":\"C9F9A643-90C6-489C-98A0-D2739CE72F86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19045.3570\",\"matchCriteriaId\":\"1814619C-ED07-49E0-A50A-E28D824D43BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22000.2538\",\"matchCriteriaId\":\"100A27D3-87B0-4E72-83F6-7605E3F35E63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22621.2428\",\"matchCriteriaId\":\"C6A36795-0238-45C9-ABE6-3DCCF751915B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB79EE26-FC32-417D-A49C-A1A63165A968\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"821614DD-37DD-44E2-A8A4-FE8D23A33C3C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.0.0\",\"versionEndExcluding\":\"18.18.2\",\"matchCriteriaId\":\"94BAB9EB-1527-4D9A-BADE-0708579536CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.0.0\",\"versionEndExcluding\":\"20.8.1\",\"matchCriteriaId\":\"69843DE4-4721-4F0A-A9B7-0F6DF5AAA388\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-11\",\"matchCriteriaId\":\"B25279EF-C406-4133-99ED-0492703E0A4E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-10\",\"matchCriteriaId\":\"9FFFF84B-F35C-43DE-959A-A5D10C3AE9F5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023.10.16.00\",\"matchCriteriaId\":\"9DCE8C89-7C22-48CA-AF22-B34C8AA2CB8C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.6.1\",\"matchCriteriaId\":\"EDEB508E-0EBD-4450-9074-983DDF568AB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndExcluding\":\"8.1.9\",\"matchCriteriaId\":\"93A1A748-6C71-4191-8A16-A93E94E2CDE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.2.3\",\"matchCriteriaId\":\"4E4BCAF6-B246-41EC-9EE1-24296BFC4F5A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.5.0\",\"matchCriteriaId\":\"6F70360D-6214-46BA-AF82-6AB01E13E4E9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2.2\",\"matchCriteriaId\":\"E2DA759E-1AF8-49D3-A3FC-1B426C13CA82\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.17.6\",\"matchCriteriaId\":\"28BE6F7B-AE66-4C8A-AAFA-F1262671E9BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.18.0\",\"versionEndExcluding\":\"1.18.3\",\"matchCriteriaId\":\"F0C8E760-C8D2-483A-BBD4-6A6D292A3874\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.19.0\",\"versionEndExcluding\":\"1.19.1\",\"matchCriteriaId\":\"5D0F78BB-6A05-4C97-A8DB-E731B6CC8CC7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-10\",\"matchCriteriaId\":\"050AE218-3871-44D6-94DA-12D84C2093CB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.10.5\",\"matchCriteriaId\":\"B36BFFB0-C0EC-4926-A1DB-0B711C846A68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"376EAF9B-E994-4268-9704-0A45EA30270F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D08335-C291-4623-B80C-3B14C4D1FA32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"21033CEE-CEF5-4B0D-A565-4A6FC764AA6D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*\",\"versionEndExcluding\":\"2023-10-11\",\"matchCriteriaId\":\"FC4C66B1-42C0-495D-AE63-2889DE0BED84\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*\",\"versionStartIncluding\":\"2.12.0\",\"versionEndIncluding\":\"2.12.5\",\"matchCriteriaId\":\"8633E263-F066-4DD8-A734-90207207A873\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"34A23BD9-A0F4-4D85-8011-EAC93C29B4E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"27ED3533-A795-422F-B923-68BE071DC00D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"45F7E352-3208-4188-A5B1-906E00DF9896\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"DF89A8AD-66FE-439A-B732-CAAB304D765B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.26.0\",\"matchCriteriaId\":\"A400C637-AF18-4BEE-B57C-145261B65DEC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"653A5B08-0D02-4362-A8B1-D00B24C6C6F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0E6B4B-BAA6-474E-A18C-72C9719CEC1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0FD736A-8730-446A-BA3A-7B608DB62B0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4C504B6-3902-46E2-82B7-48AEC9CDD48D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B4BE2D6-43C3-4065-A213-5DB1325DC78F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D54F5AE-61EC-4434-9D5F-9394A3979894\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE29B9D6-63DC-4779-ACE8-4E51E6A0AF37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E37E1B3-6F68-4502-85D6-68333643BDFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D5A7736-A403-4617-8790-18E46CB74DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F13B03-69BF-4A8B-A0A0-7F47FD857461\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9393119E-F018-463F-9548-60436F104195\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC45EE1E-2365-42D4-9D55-92FA24E5ED3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E567CD9F-5A43-4D25-B911-B5D0440698F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68146098-58F8-417E-B165-5182527117C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB4D6790-63E5-4043-B8BE-B489D649061D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78698F40-0777-4990-822D-02E1B5D0E2C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B87C8AD3-8878-4546-86C2-BF411876648C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF03BDE8-602D-4DEE-BA5B-5B20FDF47741\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A58966CB-36AF-4E64-AB39-BE3A0753E155\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"585BC540-073B-425B-B664-5EA4C00AFED6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B453CF7-9AA6-4B94-A003-BF7AE0B82F53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD354E32-A8B0-484C-B4C6-9FBCD3430D2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72A54BDA-311C-413B-8E4D-388AD65A170A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A305F012-544E-4245-9D69-1C8CD37748B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40CCE4F-EA2C-453D-BB76-6388767E5C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF93A27E-AA2B-4C2E-9B8D-FE7267847326\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B12A3A8-6456-481A-A0C9-524543FCC149\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2E7E3C-A507-4AB2-97E5-4944D8775CF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E22EBF9-AA0D-4712-9D69-DD97679CE835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"941B114C-FBD7-42FF-B1D8-4EA30E99102C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"339CFB34-A795-49F9-BF6D-A00F3A1A4F63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D044DBE-6F5A-4C53-828E-7B1A570CACFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E23FA47F-B967-44AD-AB76-1BB2CAD3CA5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*\",\"matchCriteriaId\":\"65203CA1-5225-4E55-A187-6454C091F532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF8EFFB-5686-4F28-A68F-1A8854E098CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA9B2E2-958B-478D-87D6-E5CDDCD44315\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3F5FF1E-5DA3-4EC3-B41A-A362BDFC4C69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97321212-0E07-4CC2-A917-7B5F61AB9A5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF390236-3259-4C8F-891C-62ACC4386CD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0AAA300-691A-4957-8B69-F6888CC971B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45937289-2D64-47CB-A750-5B4F0D4664A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B129311C-EB4B-4041-B85C-44D5E53FCAA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1AB54DB-3FB4-41CB-88ED-1400FD22AB85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77675CB7-67D7-44E9-B7FF-D224B3341AA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A76A2BCE-4AAE-46D7-93D6-2EDE0FC83145\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C877879-B84B-471C-80CF-0656521CA8AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCC81071-B46D-4F5D-AC25-B4A4CCC20C73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E315FC5C-FF19-43C9-A58A-CF2A5FF13824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20A6B40D-F991-4712-8E30-5FE008505CB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1987BDA-0113-4603-B9BE-76647EB043F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D482A3D2-6E9B-42BA-9926-35E5BDD5F3BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"848C92A9-0677-442B-8D52-A448F2019903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F564701-EDC1-43CF-BB9F-287D6992C6CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12B0CF2B-D1E1-4E20-846E-6F0D873499A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8885C2C-7FB8-40CA-BCB9-B48C50BF2499\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D88B140-D2A1-4A0A-A2E9-1A3B50C295AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A903C3AD-2D25-45B5-BF4A-A5BEB2286627\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5EBD2A-32A3-46D5-B155-B44DCB7F6902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.5.3\",\"matchCriteriaId\":\"C2792650-851F-4820-B003-06A4BEA092D7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*\",\"versionEndExcluding\":\"3.4.2\",\"matchCriteriaId\":\"9F6B63B9-F4C9-4A3F-9310-E0918E1070D1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*\",\"versionEndIncluding\":\"2.414.2\",\"matchCriteriaId\":\"E6FF5F80-A991-43D4-B49F-D843E2BC5798\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*\",\"versionEndIncluding\":\"2.427\",\"matchCriteriaId\":\"54D25DA9-12D0-4F14-83E6-C69D0293AAB9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.0\",\"matchCriteriaId\":\"8E1AFFB9-C717-4727-B0C9-5A0C281710E2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.21.4.3\",\"matchCriteriaId\":\"25C85001-E0AB-4B01-8EE7-1D9C77CD956E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2.003.009\",\"matchCriteriaId\":\"FB2BDBAC-8D19-4F81-8D31-6D0955A53D82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.1\",\"matchCriteriaId\":\"F98F9D27-6659-413F-8F29-4FDB0882AAC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.3\",\"matchCriteriaId\":\"C98BF315-C563-47C2-BAD1-63347A3D1008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"5.0.2\",\"matchCriteriaId\":\"3F30E209-FA52-4D3B-9B88-4193EA388554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_situation_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3178F3A5-A072-44E1-A225-B04BC536F4FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.0\",\"matchCriteriaId\":\"AA2BE0F1-DD16-4876-8EBA-F187BD38B159\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"796B6C58-2140-4105-A2A1-69865A194A75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEA99DC6-EA03-469F-A8BE-7F96FDF0B333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"x14.3.3\",\"matchCriteriaId\":\"6560DBF4-AFE6-4672-95DE-74A0B8F4170A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.4.2\",\"matchCriteriaId\":\"84785919-796D-41E5-B652-6B5765C81D4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.11.0\",\"matchCriteriaId\":\"92A74A1A-C69F-41E6-86D0-D6BB1C5D0A1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.3.3\",\"matchCriteriaId\":\"6FE7BA33-2AC0-4A85-97AD-6D77F20BA2AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.2.1\",\"matchCriteriaId\":\"4FE2F959-1084-48D1-B1F1-8182FC9862DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.10.4\",\"matchCriteriaId\":\"5CC17E6B-D7AB-40D7-AEC5-F5B555AC4D7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.2\",\"matchCriteriaId\":\"1BB6B48E-EA36-40A0-96D0-AF909BEC1147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.2.0\",\"matchCriteriaId\":\"2CBED844-7F94-498C-836D-8593381A9657\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.19.2\",\"matchCriteriaId\":\"C170DBA1-0899-4ECC-9A0D-8FEB1DA1B510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"x14.3.3\",\"matchCriteriaId\":\"358FA1DC-63D3-49F6-AC07-9E277DD0D9DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.01.0\",\"matchCriteriaId\":\"BFF2D182-7599-4B81-B56B-F44EDA1384C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4868BCCA-24DE-4F24-A8AF-B3A545C0396E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.02.0\",\"matchCriteriaId\":\"194F7A1F-FD43-4FF7-9AE2-C13AA5567E8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.02.0\",\"matchCriteriaId\":\"BEC75F99-C7F0-47EB-9032-C9D3A42EBA20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6638F4E-16F7-447D-B755-52640BCB1C61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC34F742-530E-4AB4-8AFC-D1E088E256B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D31CC0E9-8E21-436B-AB84-EA1B1BC60DCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.6.2\",\"matchCriteriaId\":\"E22AD683-345B-4E16-BB9E-E9B1783E09AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5C0D694-9E24-4782-B35F-D7C3E3B0F2ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.22\",\"matchCriteriaId\":\"2955BEE9-F567-4006-B96D-92E10FF84DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"17.15.1\",\"matchCriteriaId\":\"67502878-DB20-4410-ABA0-A1C5705064CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.11.2\",\"matchCriteriaId\":\"177DED2D-8089-4494-BDD9-7F84FC06CD5B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.1.0\",\"matchCriteriaId\":\"54A29FD3-4128-4333-8445-A7DD04A6ECF6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67074526-9933-46B3-9FE3-A0BE73C5E8A7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2\\\\(7\\\\)\",\"matchCriteriaId\":\"EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3\\\\(1\\\\)\",\"versionEndExcluding\":\"10.3\\\\(5\\\\)\",\"matchCriteriaId\":\"0A236A0A-6956-4D79-B8E5-B2D0C79FAE88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4\\\\(1\\\\)\",\"versionEndExcluding\":\"10.4\\\\(2\\\\)\",\"matchCriteriaId\":\"BE71D34C-227A-4789-BA4D-79E5FDE311DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"528ED62B-D739-4E06-AC64-B506FD73BBAB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC2A6C31-438A-4CF5-A3F3-364B1672EB7D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76C10D85-88AC-4A79-8866-BED88A0F8DF8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09AC2BAD-F536-48D0-A2F0-D4E290519EB6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F4E8EE4-031D-47D3-A12E-EE5F792172EE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8FF2EC4-0C09-4C00-9956-A2A4A894F63D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D14D4B4E-120E-4607-A4F1-447C7BF3052E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15702ACB-29F3-412D-8805-E107E0729E35\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E930332-CDDD-48D5-93BC-C22D693BBFA2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29B34855-D8D2-4114-80D2-A4D159C62458\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF4B8FE-E134-4491-B5C2-C1CFEB64731B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4226DA0-9371-401C-8247-E6E636A116C3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7664666F-BCE4-4799-AEEA-3A73E6AD33F4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3DBBFE9-835C-4411-8492-6006E74BAC65\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3293438-3D18-45A2-B093-2C3F65783336\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C97C29EE-9426-4BBE-8D84-AB5FF748703D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-x\\\\/3132q-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E142C18F-9FB5-4D96-866A-141D7D16CAF7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F43B770-D96C-44EA-BC12-9F39FC4317B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7817F4E6-B2DA-4F06-95A4-AF329F594C02\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CED628B5-97A8-4B26-AA40-BEC854982157\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BB9DD73-E31D-4921-A6D6-E14E04703588\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq\\\\/pq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EFC116A-627F-4E05-B631-651D161217C8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4532F513-0543-4960-9877-01F23CA7BA1B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B43502B-FD53-465A-B60F-6A359C6ACD99\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3229124-B097-4AAC-8ACD-2F9C89DCC3AB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32A532C0-B0E3-484A-B356-88970E7D0248\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C84D24C-2256-42AF-898A-221EBE9FE1E4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"652A2849-668D-4156-88FB-C19844A59F33\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D008CA1C-6F5A-40EA-BB12-A9D84D5AF700\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24FBE87B-8A4F-43A8-98A3-4A7D9C630937\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ACD09AC-8B28-4ACB-967B-AB3D450BC137\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43913A0E-50D5-47DD-94D8-DD3391633619\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D397349-CCC6-479B-9273-FB1FFF4F34F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC7286A7-780F-4A45-940A-4AD5C9D0F201\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA52D5C1-13D8-4D23-B022-954CCEF491F1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F7AF8D7-431B-43CE-840F-CC0817D159C0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAC204C8-1A5A-4E85-824E-DC9B8F6A802D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8E1073F-D374-4311-8F12-AD8C72FAA293\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAF5AF71-15DF-4151-A1CF-E138A7103FC8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10F80A72-AD54-4699-B8AE-82715F0B58E2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-x\\\\/xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E505C0B1-2119-4C6A-BF96-C282C633D169\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9354B6A2-D7D6-442E-BF4C-FE8A336D9E94\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"088C0323-683A-44F5-8D42-FF6EC85D080E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74CB4002-7636-4382-B33E-FBA060A13C34\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-x\\\\/xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"915EF8F6-6039-4DD0-B875-30D911752B74\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10CEBF73-3EE0-459A-86C5-F8F6243FE27C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97217080-455C-48E4-8CE1-6D5B9485864F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95D2C4C3-65CE-4612-A027-AF70CEFC3233\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57572E4A-78D5-4D1A-938B-F05F01759612\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2\\\\(7\\\\)\",\"matchCriteriaId\":\"EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3\\\\(1\\\\)\",\"versionEndExcluding\":\"10.3\\\\(5\\\\)\",\"matchCriteriaId\":\"0A236A0A-6956-4D79-B8E5-B2D0C79FAE88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4\\\\(1\\\\)\",\"versionEndExcluding\":\"10.4\\\\(2\\\\)\",\"matchCriteriaId\":\"BE71D34C-227A-4789-BA4D-79E5FDE311DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CD9C1F1-8582-4F67-A77D-97CBFECB88B8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"532CE4B0-A3C9-4613-AAAF-727817D06FB4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24CA1A59-2681-4507-AC74-53BD481099B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4283E433-7F8C-4410-B565-471415445811\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFB9FDE8-8533-4F65-BF32-4066D042B2F7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F80AB6FB-32FD-43D7-A9F1-80FA47696210\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA5389A-8AD1-476E-983A-54DF573C30F5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5B2E4C1-2627-4B9D-8E92-4B483F647651\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1B1A8F1-45B1-4E64-A254-7191FA93CB6D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83DA8BFA-D7A2-476C-A6F5-CAE610033BC2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"557ED31C-C26A-4FAE-8B14-D06B49F7F08B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11411BFD-3F4D-4309-AB35-A3629A360FB0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB2FFD26-8255-4351-8594-29D2AEFC06EF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E663DE91-C86D-48DC-B771-FA72A8DF7A7C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E10975-B47E-4F4D-8096-AEC7B7733612\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A90184B3-C82F-4CE5-B2AD-97D5E4690871\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40E40F42-632A-47DF-BE33-DC25B826310B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16C64136-89C2-443C-AF7B-BED81D3DE25A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBEF7F26-BB47-44BD-872E-130820557C23\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07DE6F63-2C7D-415B-8C34-01EC05C062F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"182000E0-8204-4D8B-B7DE-B191AFE12E28\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F423E45D-A6DD-4305-9C6A-EAB26293E53A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDC208BC-7E19-48C6-A20E-A79A51B7362C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"102F91CD-DFB6-43D4-AE5B-DA157A696230\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E952A96A-0F48-4357-B7DD-1127D8827650\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"084D0191-563B-4FF0-B589-F35DA118E1C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7DB6FC5-762A-4F16-AE8C-69330EFCF640\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F70D81F1-8B12-4474-9060-B4934D8A3873\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5394DE31-3863-4CA9-B7B1-E5227183100D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"968390BC-B430-4903-B614-13104BFAE635\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7349D69B-D8FA-4462-AA28-69DD18A652D9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4BB834-2C00-4384-A78E-AF3BCDDC58AF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CE49B45-F2E9-491D-9C29-1B46E9CE14E2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFAD21E-59EE-4CCE-8F1E-621D2EA50905\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91231DC6-2773-4238-8C14-A346F213B5E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DF88547-BAF4-47B0-9F60-80A30297FCEB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02C3CE6D-BD54-48B1-A188-8E53DA001424\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"498991F7-39D6-428C-8C7D-DD8DC72A0346\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"113772B6-E9D2-4094-9468-3F4E1A87D07D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7B90D36-5124-4669-8462-4EAF35B0F53D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C45A38D6-BED6-4FEF-AD87-A1E813695DE0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1FC2B1F-232E-4754-8076-CC82F3648730\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F1127D2-12C0-454F-91EF-5EE334070D06\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D6EB963-E0F2-4A02-8765-AB2064BE19E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"785FD17C-F32E-4042-9DDE-A89B3AAE0334\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEAAF99B-5406-4722-81FB-A91CBAC2DF41\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73DC1E93-561E-490C-AE0E-B02BAB9A7C8E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF467E2-4567-426E-8F48-39669E0F514C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63842B25-8C32-4988-BBBD-61E9CB09B4F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68EA1FEF-B6B6-49FE-A0A4-5387F76303F8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40D6DB7F-C025-4971-9615-73393ED61078\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4364ADB9-8162-451D-806A-B98924E6B2CF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B53BCB42-ED61-4FCF-8068-CB467631C63C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"737C724A-B6CD-4FF7-96E0-EBBF645D660E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7067AEC7-DFC8-4437-9338-C5165D9A8F36\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E0371B-FDE2-473C-AA59-47E1269D050F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"489D11EC-5A18-4F32-BC7C-AC1FCEC27222\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71D4CF15-B293-4403-A1A9-96AD3933BAEF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBCC1515-2DBE-4DF2-8E83-29A869170F36\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BC5293E-F2B4-46DC-85DA-167EA323FCFD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7282AAFF-ED18-4992-AC12-D953C35EC328\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA022E77-6557-4A33-9A3A-D028E2DB669A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"360409CC-4172-4878-A76B-EA1C1F8C7A79\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8D5D5E2-B40B-475D-9EF3-8441016E37E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63BE0266-1C00-4D6A-AD96-7F82532ABAA7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73F59A4B-AE92-4533-8EDC-D1DD850309FF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"492A2C86-DD38-466B-9965-77629A73814F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FB7AA46-4018-4925-963E-719E1037F759\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31B9D1E4-10B9-4B6F-B848-D93ABF6486D6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_a\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB270C45-756E-400A-979F-D07D750C881A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E8A085C-2DBA-4269-AB01-B16019FBB4DA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_b\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A79DD582-AF68-44F1-B640-766B46EF2BE2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B04484DA-AA59-4833-916E-6A8C96D34F0D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"768BE390-5ED5-48A7-9E80-C4DE8BA979B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D07B5399-44C7-468D-9D57-BB5B5E26CE50\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDC2F709-AFBE-48EA-A3A2-DA1134534FB6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76FB64F-16F0-4B0B-B304-B46258D434BA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E02DC82-0D26-436F-BA64-73C958932B0A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E128053-834B-4DD5-A517-D14B4FC2B56F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"163743A1-09E7-4EC5-8ECA-79E4B9CE173B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE340E4C-DC48-4FC8-921B-EE304DB5AE0A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C367BBE0-D71F-4CB5-B50E-72B033E73FE1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85E1D224-4751-4233-A127-A041068C804A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD31B075-01B1-429E-83F4-B999356A0EB9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3284D16F-3275-4F8D-8AE4-D413DE19C4FA\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/10/7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/19/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/20/8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://blog.vespa.ai/cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1216123\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/Azure/AKS/issues/3947\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/Kong/kong/discussions/11741\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-vx74-f528-fxqg\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/akka/akka-http/issues/4323\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/alibaba/tengine/issues/1872\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/apisix/issues/10320\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd-site/pull/10\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/trafficserver/pull/10564\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/bcdannyboy/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/issues/5877\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/dotnet/announcements/issues/277\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/eclipse/jetty.project/issues/10679\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/envoyproxy/envoy/pull/30055\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/etcd-io/etcd/issues/16740\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/facebook/proxygen/pull/466\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/golang/go/issues/63417\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/grpc/grpc-go/pull/6703\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/grpc/grpc/releases/tag/v1.59.2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://github.com/h2o/h2o/pull/3291\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/haproxy/haproxy/issues/2312\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/junkurihara/rust-rpxy/issues/97\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/issues/93\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kubernetes/kubernetes/pull/121120\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/line/armeria/pull/5232\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/micrictor/http2-rst-stream\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/microsoft/CBL-Mariner/pull/6381\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/pull/1961\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ninenines/cowboy/issues/1615\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/nodejs/node/pull/50121\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/openresty/openresty/issues/930\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/opensearch-project/data-prepper/issues/3474\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/oqtane/oqtane.framework/discussions/3367\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/projectcontour/contour/pull/5826\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/tempesta-tech/tempesta/issues/1986\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/varnishcache/varnish-cache/issues/3996\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://istio.io/latest/news/security/istio-security-2023-004/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://my.f5.com/manage/s/article/K000137106\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://netty.io/news/2023/10/10/4-1-100-Final.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830987\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830998\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Press/Media Coverage\"]},{\"url\":\"https://news.ycombinator.com/item?id=37831062\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37837043\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231016-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240426-0007/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0007/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.paloaltonetworks.com/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5521\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5522\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5540\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5549\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5558\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5570\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/19/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/20/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/08/13/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://blog.vespa.ai/cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1216123\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/Azure/AKS/issues/3947\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/Kong/kong/discussions/11741\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-vx74-f528-fxqg\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/akka/akka-http/issues/4323\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/alibaba/tengine/issues/1872\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/apisix/issues/10320\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd-site/pull/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/trafficserver/pull/10564\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/bcdannyboy/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/issues/5877\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/dotnet/announcements/issues/277\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/eclipse/jetty.project/issues/10679\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/envoyproxy/envoy/pull/30055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/etcd-io/etcd/issues/16740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/facebook/proxygen/pull/466\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/golang/go/issues/63417\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/grpc/grpc-go/pull/6703\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/pull/3291\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/haproxy/haproxy/issues/2312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/junkurihara/rust-rpxy/issues/97\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/issues/93\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kubernetes/kubernetes/pull/121120\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/line/armeria/pull/5232\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/micrictor/http2-rst-stream\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/microsoft/CBL-Mariner/pull/6381\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/pull/1961\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ninenines/cowboy/issues/1615\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/nodejs/node/pull/50121\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/openresty/openresty/issues/930\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/opensearch-project/data-prepper/issues/3474\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/oqtane/oqtane.framework/discussions/3367\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/projectcontour/contour/pull/5826\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/tempesta-tech/tempesta/issues/1986\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/varnishcache/varnish-cache/issues/3996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://istio.io/latest/news/security/istio-security-2023-004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://my.f5.com/manage/s/article/K000137106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://netty.io/news/2023/10/10/4-1-100-Final.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830987\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830998\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Press/Media Coverage\"]},{\"url\":\"https://news.ycombinator.com/item?id=37831062\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37837043\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231016-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240426-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.paloaltonetworks.com/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5521\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5522\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5540\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5549\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5558\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-341067.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-784301.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-832273.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37831062\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/envoyproxy/envoy/pull/30055\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/haproxy/haproxy/issues/2312\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/eclipse/jetty.project/issues/10679\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/pull/1961\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/alibaba/tengine/issues/1872\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830987\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830998\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/caddyserver/caddy/issues/5877\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/bcdannyboy/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/grpc/grpc-go/pull/6703\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://my.f5.com/manage/s/article/K000137106\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/microsoft/CBL-Mariner/pull/6381\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/facebook/proxygen/pull/466\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/micrictor/http2-rst-stream\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/h2o/h2o/pull/3291\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nodejs/node/pull/50121\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/dotnet/announcements/issues/277\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/golang/go/issues/63417\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-vx74-f528-fxqg\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/trafficserver/pull/10564\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/10/10/6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/opensearch-project/data-prepper/issues/3474\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kubernetes/kubernetes/pull/121120\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/oqtane/oqtane.framework/discussions/3367\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://netty.io/news/2023/10/10/4-1-100-Final.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37837043\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/issues/93\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5522\", \"name\": \"DSA-5522\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5521\", \"name\": \"DSA-5521\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/ninenines/cowboy/issues/1615\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/varnishcache/varnish-cache/issues/3996\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/tempesta-tech/tempesta/issues/1986\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.vespa.ai/cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/etcd-io/etcd/issues/16740\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://istio.io/latest/news/security/istio-security-2023-004/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/junkurihara/rust-rpxy/issues/97\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1216123\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/httpd-site/pull/10\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/projectcontour/contour/pull/5826\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/line/armeria/pull/5232\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/akka/akka-http/issues/4323\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/openresty/openresty/issues/930\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/apisix/issues/10320\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/Azure/AKS/issues/3947\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/Kong/kong/discussions/11741\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\", \"name\": \"[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/4\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/9\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\", \"name\": \"FEDORA-2023-ed2642fd58\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231016-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/4\", \"name\": \"[oss-security] 20231018 Vulnerability in Jenkins\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/8\", \"name\": \"[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/19/6\", \"name\": \"[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\", \"name\": \"FEDORA-2023-54fadada12\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\", \"name\": \"FEDORA-2023-5ff7bf1dd8\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/20/8\", \"name\": \"[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\", \"name\": \"FEDORA-2023-17efd3f2cd\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\", \"name\": \"FEDORA-2023-d5030c983c\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\", \"name\": \"FEDORA-2023-0259c3f26f\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\", \"name\": \"FEDORA-2023-2a9214af5f\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\", \"name\": \"FEDORA-2023-e9c04d81c1\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\", \"name\": \"FEDORA-2023-f66fc0f62a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\", \"name\": \"FEDORA-2023-4d2fd884ea\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\", \"name\": \"FEDORA-2023-b2c50535cb\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"name\": \"FEDORA-2023-fe53e13b5b\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"name\": \"FEDORA-2023-4bf641255e\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\", \"name\": \"[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5540\", \"name\": \"DSA-5540\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\", \"name\": \"[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\", \"name\": \"FEDORA-2023-1caffb88af\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\", \"name\": \"FEDORA-2023-3f70b8d406\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\", \"name\": \"FEDORA-2023-7b52921cae\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\", \"name\": \"FEDORA-2023-7934802344\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\", \"name\": \"FEDORA-2023-dbe64661af\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"name\": \"FEDORA-2023-822aab0a5a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\", \"name\": \"[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5549\", \"name\": \"DSA-5549\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\", \"name\": \"FEDORA-2023-c0c6a91330\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\", \"name\": \"FEDORA-2023-492b7be466\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5558\", \"name\": \"DSA-5558\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\", \"name\": \"[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"name\": \"GLSA-202311-09\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5570\", \"name\": \"DSA-5570\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0007/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0007/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2025/08/13/6\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T21:08:27.383Z\"}}, {\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM APE1808\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINEC NMS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-832273.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-341067.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-784301.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-05-12T10:52:23.784Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-44487\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-23T20:34:21.334116Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2023-10-10\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\"], \"vendor\": \"ietf\", \"product\": \"http\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0\"}], \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-10-10T00:00:00.000Z\", \"value\": \"CVE-2023-44487 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-16T18:31:22.372Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\"}, {\"url\": \"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\"}, {\"url\": \"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\"}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\"}, {\"url\": \"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\"}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\"}, {\"url\": \"https://news.ycombinator.com/item?id=37831062\"}, {\"url\": \"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\"}, {\"url\": \"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\"}, {\"url\": \"https://github.com/envoyproxy/envoy/pull/30055\"}, {\"url\": \"https://github.com/haproxy/haproxy/issues/2312\"}, {\"url\": \"https://github.com/eclipse/jetty.project/issues/10679\"}, {\"url\": \"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\"}, {\"url\": \"https://github.com/nghttp2/nghttp2/pull/1961\"}, {\"url\": \"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\"}, {\"url\": \"https://github.com/alibaba/tengine/issues/1872\"}, {\"url\": \"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\"}, {\"url\": \"https://news.ycombinator.com/item?id=37830987\"}, {\"url\": \"https://news.ycombinator.com/item?id=37830998\"}, {\"url\": \"https://github.com/caddyserver/caddy/issues/5877\"}, {\"url\": \"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\"}, {\"url\": \"https://github.com/bcdannyboy/CVE-2023-44487\"}, {\"url\": \"https://github.com/grpc/grpc-go/pull/6703\"}, {\"url\": \"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\"}, {\"url\": \"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\"}, {\"url\": \"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\"}, {\"url\": \"https://my.f5.com/manage/s/article/K000137106\"}, {\"url\": \"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\"}, {\"url\": \"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\"}, {\"url\": \"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/10/7\", \"name\": \"[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/10/6\", \"name\": \"[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\"}, {\"url\": \"https://github.com/microsoft/CBL-Mariner/pull/6381\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\"}, {\"url\": \"https://github.com/facebook/proxygen/pull/466\"}, {\"url\": \"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\"}, {\"url\": \"https://github.com/micrictor/http2-rst-stream\"}, {\"url\": \"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\"}, {\"url\": \"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\"}, {\"url\": \"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\"}, {\"url\": \"https://github.com/h2o/h2o/pull/3291\"}, {\"url\": \"https://github.com/nodejs/node/pull/50121\"}, {\"url\": \"https://github.com/dotnet/announcements/issues/277\"}, {\"url\": \"https://github.com/golang/go/issues/63417\"}, {\"url\": \"https://github.com/advisories/GHSA-vx74-f528-fxqg\"}, {\"url\": \"https://github.com/apache/trafficserver/pull/10564\"}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\"}, {\"url\": \"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\"}, {\"url\": \"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/10/10/6\"}, {\"url\": \"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\"}, {\"url\": \"https://github.com/opensearch-project/data-prepper/issues/3474\"}, {\"url\": \"https://github.com/kubernetes/kubernetes/pull/121120\"}, {\"url\": \"https://github.com/oqtane/oqtane.framework/discussions/3367\"}, {\"url\": \"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\"}, {\"url\": \"https://netty.io/news/2023/10/10/4-1-100-Final.html\"}, {\"url\": \"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\"}, {\"url\": \"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\"}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\"}, {\"url\": \"https://news.ycombinator.com/item?id=37837043\"}, {\"url\": \"https://github.com/kazu-yamamoto/http2/issues/93\"}, {\"url\": \"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\"}, {\"url\": \"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\"}, {\"url\": \"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5522\", \"name\": \"DSA-5522\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5521\", \"name\": \"DSA-5521\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-44487\"}, {\"url\": \"https://github.com/ninenines/cowboy/issues/1615\"}, {\"url\": \"https://github.com/varnishcache/varnish-cache/issues/3996\"}, {\"url\": \"https://github.com/tempesta-tech/tempesta/issues/1986\"}, {\"url\": \"https://blog.vespa.ai/cve-2023-44487/\"}, {\"url\": \"https://github.com/etcd-io/etcd/issues/16740\"}, {\"url\": \"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\"}, {\"url\": \"https://istio.io/latest/news/security/istio-security-2023-004/\"}, {\"url\": \"https://github.com/junkurihara/rust-rpxy/issues/97\"}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1216123\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\"}, {\"url\": \"https://ubuntu.com/security/CVE-2023-44487\"}, {\"url\": \"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\"}, {\"url\": \"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\"}, {\"url\": \"https://github.com/apache/httpd-site/pull/10\"}, {\"url\": \"https://github.com/projectcontour/contour/pull/5826\"}, {\"url\": \"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\"}, {\"url\": \"https://github.com/line/armeria/pull/5232\"}, {\"url\": \"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\"}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2023-44487\"}, {\"url\": \"https://github.com/akka/akka-http/issues/4323\"}, {\"url\": \"https://github.com/openresty/openresty/issues/930\"}, {\"url\": \"https://github.com/apache/apisix/issues/10320\"}, {\"url\": \"https://github.com/Azure/AKS/issues/3947\"}, {\"url\": \"https://github.com/Kong/kong/discussions/11741\"}, {\"url\": \"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\"}, {\"url\": \"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\"}, {\"url\": \"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\", \"name\": \"[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/4\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/9\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\"}, {\"url\": \"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\", \"name\": \"FEDORA-2023-ed2642fd58\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231016-0001/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/4\", \"name\": \"[oss-security] 20231018 Vulnerability in Jenkins\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/8\", \"name\": \"[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/19/6\", \"name\": \"[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\", \"name\": \"FEDORA-2023-54fadada12\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\", \"name\": \"FEDORA-2023-5ff7bf1dd8\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/20/8\", \"name\": \"[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\", \"name\": \"FEDORA-2023-17efd3f2cd\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\", \"name\": \"FEDORA-2023-d5030c983c\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\", \"name\": \"FEDORA-2023-0259c3f26f\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\", \"name\": \"FEDORA-2023-2a9214af5f\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\", \"name\": \"FEDORA-2023-e9c04d81c1\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\", \"name\": \"FEDORA-2023-f66fc0f62a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\", \"name\": \"FEDORA-2023-4d2fd884ea\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\", \"name\": \"FEDORA-2023-b2c50535cb\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"name\": \"FEDORA-2023-fe53e13b5b\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"name\": \"FEDORA-2023-4bf641255e\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\", \"name\": \"[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5540\", \"name\": \"DSA-5540\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\", \"name\": \"[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\", \"name\": \"FEDORA-2023-1caffb88af\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\", \"name\": \"FEDORA-2023-3f70b8d406\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\", \"name\": \"FEDORA-2023-7b52921cae\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\", \"name\": \"FEDORA-2023-7934802344\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\", \"name\": \"FEDORA-2023-dbe64661af\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"name\": \"FEDORA-2023-822aab0a5a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\", \"name\": \"[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5549\", \"name\": \"DSA-5549\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\", \"name\": \"FEDORA-2023-c0c6a91330\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\", \"name\": \"FEDORA-2023-492b7be466\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5558\", \"name\": \"DSA-5558\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\", \"name\": \"[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"name\": \"GLSA-202311-09\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5570\", \"name\": \"DSA-5570\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0007/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0007/\"}, {\"url\": \"https://github.com/grpc/grpc/releases/tag/v1.59.2\"}, {\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-06-07T20:05:34.376Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-44487\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-12T10:52:23.784Z\", \"dateReserved\": \"2023-09-29T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-10-10T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2023_7205
Vulnerability from csaf_redhat - Published: 2023-11-14 17:00 - Updated: 2024-12-17 02:50When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to node's policy implementation, thus effectively disabling the integrity check.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
A previously disclosed vulnerability (CVE-2023-30584) was patched insufficiently. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings (see CVE-2023-30584) and Buffer objects (see CVE-2023-32004), but not through non-Buffer Uint8Array objects.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the Undici node package due to the occurrence of Cross-origin requests, possibly leading to a cookie header leakage. By default, cookie headers are forbidden request headers, and they must be enabled. This flaw allows a malicious user to access this leaked cookie if they have control of the redirection.
CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nSecurity Fix(es):\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* nodejs: permission model improperly protects against path traversal (CVE-2023-39331)\n\n* nodejs: path traversal through path stored in Uint8Array (CVE-2023-39332)\n\n* nodejs: integrity checks according to policies can be circumvented (CVE-2023-38552)\n\n* nodejs: code injection via WebAssembly export names (CVE-2023-39333)\n\n* node-undici: cookie leakage (CVE-2023-45143)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7205",
"url": "https://access.redhat.com/errata/RHSA-2023:7205"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2244104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244104"
},
{
"category": "external",
"summary": "2244413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244413"
},
{
"category": "external",
"summary": "2244414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244414"
},
{
"category": "external",
"summary": "2244415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244415"
},
{
"category": "external",
"summary": "2244418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244418"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7205.json"
}
],
"title": "Red Hat Security Advisory: nodejs:20 security update",
"tracking": {
"current_release_date": "2024-12-17T02:50:55+00:00",
"generator": {
"date": "2024-12-17T02:50:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:7205",
"initial_release_date": "2023-11-14T17:00:27+00:00",
"revision_history": [
{
"date": "2023-11-14T17:00:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-14T17:00:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T02:50:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs:20:8090020231019152822:a75119d5",
"product": {
"name": "nodejs:20:8090020231019152822:a75119d5",
"product_id": "nodejs:20:8090020231019152822:a75119d5",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/nodejs@20:8090020231019152822:a75119d5"
}
}
},
{
"category": "product_version",
"name": "nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"product": {
"name": "nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"product_id": "nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-docs@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"product": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"product_id": "nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@3.0.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"product": {
"name": "nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"product_id": "nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-4.module%2Bel8.9.0%2B19519%2Be25b965a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"product": {
"name": "nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"product_id": "nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging-bundler@2021.06-4.module%2Bel8.9.0%2B19519%2Be25b965a?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product": {
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product_id": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product": {
"name": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product_id": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product": {
"name": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product_id": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product": {
"name": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product_id": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product": {
"name": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product_id": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"product": {
"name": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"product_id": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.1.0-1.20.8.1.1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"product": {
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"product_id": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"product": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"product_id": "nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-nodemon@3.0.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=src"
}
}
},
{
"category": "product_version",
"name": "nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"product": {
"name": "nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"product_id": "nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-packaging@2021.06-4.module%2Bel8.9.0%2B19519%2Be25b965a?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product": {
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product_id": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product": {
"name": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product_id": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product": {
"name": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product_id": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product": {
"name": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product_id": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product": {
"name": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product_id": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product": {
"name": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product_id": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.1.0-1.20.8.1.1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product": {
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product_id": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product": {
"name": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product_id": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product": {
"name": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product_id": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product": {
"name": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product_id": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product": {
"name": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product_id": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"product": {
"name": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"product_id": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.1.0-1.20.8.1.1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product": {
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product_id": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product": {
"name": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product_id": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debuginfo@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product": {
"name": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product_id": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-debugsource@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product": {
"name": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product_id": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-devel@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product": {
"name": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product_id": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-full-i18n@20.8.1-1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64",
"product": {
"name": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64",
"product_id": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/npm@10.1.0-1.20.8.1.1.module%2Bel8.9.0%2B20473%2Bc4e3d824?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
"product_reference": "nodejs:20:8090020231019152822:a75119d5",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64"
},
"product_reference": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le"
},
"product_reference": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x"
},
"product_reference": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src"
},
"product_reference": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64"
},
"product_reference": "nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64"
},
"product_reference": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le"
},
"product_reference": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x"
},
"product_reference": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64"
},
"product_reference": "nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64"
},
"product_reference": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le"
},
"product_reference": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x"
},
"product_reference": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64"
},
"product_reference": "nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64"
},
"product_reference": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le"
},
"product_reference": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x"
},
"product_reference": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64"
},
"product_reference": "nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch"
},
"product_reference": "nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64 as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64"
},
"product_reference": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le"
},
"product_reference": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x"
},
"product_reference": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64 as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64"
},
"product_reference": "nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch"
},
"product_reference": "nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src"
},
"product_reference": "nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch"
},
"product_reference": "nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src"
},
"product_reference": "nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch"
},
"product_reference": "nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64 as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64"
},
"product_reference": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le"
},
"product_reference": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x"
},
"product_reference": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64 as a component of nodejs:20:8090020231019152822:a75119d5 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
},
"product_reference": "npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38552",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"discovery_date": "2023-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2244415"
}
],
"notes": [
{
"category": "description",
"text": "When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to node\u0027s policy implementation, thus effectively disabling the integrity check.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: integrity checks according to policies can be circumvented",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38552"
},
{
"category": "external",
"summary": "RHBZ#2244415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38552"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38552",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38552"
}
],
"release_date": "2023-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T17:00:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7205"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs: integrity checks according to policies can be circumvented"
},
{
"cve": "CVE-2023-39331",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2244413"
}
],
"notes": [
{
"category": "description",
"text": "A previously disclosed vulnerability (CVE-2023-30584) was patched insufficiently. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: permission model improperly protects against path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39331"
},
{
"category": "external",
"summary": "RHBZ#2244413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39331"
}
],
"release_date": "2023-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T17:00:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7205"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs: permission model improperly protects against path traversal"
},
{
"cve": "CVE-2023-39332",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2244414"
}
],
"notes": [
{
"category": "description",
"text": "Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings (see CVE-2023-30584) and Buffer objects (see CVE-2023-32004), but not through non-Buffer Uint8Array objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: path traversal through path stored in Uint8Array",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39332"
},
{
"category": "external",
"summary": "RHBZ#2244414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244414"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39332",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39332",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39332"
}
],
"release_date": "2023-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T17:00:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7205"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs: path traversal through path stored in Uint8Array"
},
{
"cve": "CVE-2023-39333",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2023-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2244418"
}
],
"notes": [
{
"category": "description",
"text": "Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs: code injection via WebAssembly export names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The inclusion of nodejs:20/nodejs commenced with RHEL-9.3 GA through RHEA-2023:6529 (https://access.redhat.com/errata/RHEA-2023:6529), which inherently incorporates the fix for CVE-2023-39333. Hence, Nodejs-20, as shipped with Red Hat Enterprise Linux 9, is not affected by this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39333"
},
{
"category": "external",
"summary": "RHBZ#2244418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39333",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39333"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39333",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39333"
}
],
"release_date": "2023-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T17:00:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7205"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs: code injection via WebAssembly export names"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T17:00:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7205"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
},
{
"cve": "CVE-2023-45143",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2244104"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Undici node package due to the occurrence of Cross-origin requests, possibly leading to a cookie header leakage. By default, cookie headers are forbidden request headers, and they must be enabled. This flaw allows a malicious user to access this leaked cookie if they have control of the redirection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-undici: cookie leakage",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Since this requires a non-standard configuration, as well as control of the redirection, Red Hat rates this as having a Low impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45143"
},
{
"category": "external",
"summary": "RHBZ#2244104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244104"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45143",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45143"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-wqq4-5wpv-mx2g",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-wqq4-5wpv-mx2g"
}
],
"release_date": "2023-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T17:00:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7205"
},
{
"category": "workaround",
"details": "No current mitigation is available.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debuginfo-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-debugsource-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-devel-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-docs-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-full-i18n-1:20.8.1-1.module+el8.9.0+20473+c4e3d824.x86_64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-nodemon-0:3.0.1-1.module+el8.9.0+20473+c4e3d824.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-0:2021.06-4.module+el8.9.0+19519+e25b965a.src",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:nodejs-packaging-bundler-0:2021.06-4.module+el8.9.0+19519+e25b965a.noarch",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.aarch64",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.ppc64le",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.s390x",
"AppStream-8.9.0.Z.MAIN:nodejs:20:8090020231019152822:a75119d5:npm-1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "node-undici: cookie leakage"
}
]
}
RHSA-2023_7215
Vulnerability from csaf_redhat - Published: 2023-11-15 00:16 - Updated: 2024-12-18 04:55A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le | — |
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 2.2.12 Containers\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7215",
"url": "https://access.redhat.com/errata/RHSA-2023:7215"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7215.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.2.12",
"tracking": {
"current_release_date": "2024-12-18T04:55:41+00:00",
"generator": {
"date": "2024-12-18T04:55:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:7215",
"initial_release_date": "2023-11-15T00:16:31+00:00",
"revision_history": [
{
"date": "2023-11-15T00:16:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-15T00:16:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:55:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.2 for RHEL 8",
"product": {
"name": "RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.2.12-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.2.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.48.11-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.2.12-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.2.12-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64",
"product": {
"name": "openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64",
"product_id": "openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8\u0026tag=2.2.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.2.12-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.2.12-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.2.12-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.2.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.48.11-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.2.12-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.2.12-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le",
"product": {
"name": "openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le",
"product_id": "openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8\u0026tag=2.2.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.2.12-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.2.12-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.2.12-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.2.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.48.11-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.2.12-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.2.12-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x",
"product": {
"name": "openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x",
"product_id": "openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x",
"product_identification_helper": {
"purl": "pkg:oci/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8\u0026tag=2.2.12-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.2.12-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.2.12-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64 as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64 as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64 as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64 as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64 as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x"
},
"product_reference": "openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le"
},
"product_reference": "openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64 as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64"
},
"product_reference": "openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64 as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64 as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le as a component of RHOSSM 2.2 for RHEL 8",
"product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64"
],
"known_not_affected": [
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T00:16:31+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7215"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x"
],
"known_not_affected": [
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T00:16:31+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7215"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:2ac0267f703527a6af7cf822ac8dc33f8e27a8784c2091c6894ea9d4faeff290_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:c9462389f5c148c9fa855aa54786ab28e0a522c2576e139f254c72f3135e824c_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:dcfa0e73a89d2ad273720c209dd94fe3b652c5606d196d4962a2f662ed834612_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a0f0fcdf2d1be20c4b483d338803b4f968ed6a51ee842bae3f2539aaea660b36_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:ef9adad3d6ccc52944aa6a7be7537a3fd2cef1984c09f4b57a32d5670903b679_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:fcc2034b3448c92e1ac6c3848def79942238733d4acf03ae2e5a2b84be0c6545_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:3061637ecdeac036dc9171f5b079daa0a4a193589161e90920c681abb27c5ce3_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:7834412d7ae6f8d1b4610a373245a675904f141534211e56657f47be68ff35a2_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a3031870bd2199c28e754585b57363f953818bd20bf9ad04f5545e0eb4ae4793_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:081d9b91f85a9fa135ddaf993b67ba01282205b5e87d31cffa1a9e659a430a61_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:63ce7982aa4fe759dbe7acc497105da41f6426268678df4c8407ef7da94f5965_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:b426bab535c9417d2ed4951153ef03c06d95060a3378f8621b5eb3436995aa8e_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:6851a60e3242789f67637d596959580c96fcd5221d71ad83e21ead53f0ba9856_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:818fc5474a2bea0400b6b022cca31f522ea05b58bfa57fca1f6cb20efeb140f7_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:b654048f91103418e1c503a9b45b9890c868892e746218fb26a6768a842a6310_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:681efb513c3eb27dce5e1225964fb1f076e7f5d5951ea0fcbf12ebe633df0602_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:b2e2fbd17082d59a1fbf9e55c04b767763d968747e232bfb4789376ed1bb08cc_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:dbcf658a5354b9b7d412826a77cfb0ce889c4704634f5d13325161021feff81e_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:208a5000e943fb68e2c2cfea0ac6223fdc6a43363b19fb3ac3e6c19326afa464_ppc64le",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4abe159e450801e062a3afceff661ab25dc57ea122ce58269b2f3566a55c8dc2_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7cc28d4baf68ca0902d7dc44d9fc2a9ac626268fd4320d17caa3f22cc08618c1_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:096bf95cdba671943bb9f7ec5f804201c1cf06607a164c7b76ef745c26c82d73_s390x",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8a5a8bc6a54cd64330926478ac29f568ac5c83cc9550852d439ccc4cbd0b5ab5_amd64",
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:cc5d972cb2ba30e147c76202dc315a08bdba41906f808e95d8b134bfe446fc89_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_7218
Vulnerability from csaf_redhat - Published: 2023-11-15 01:02 - Updated: 2024-12-17 02:52A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:4b9879b5a7d6003b0c9586a11c2062a78794a6f92fe9ecc14da80e04149a62f8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:7a2bbedd258140f7767e206523d21fdf407ec5596f10ad3c0936c92863939313_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:b8b8d224ada7a865ddf79b36b493c3fc93f6b89f03dcb5bf6329ae2f538002aa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:6793da0209a2427a3280287c514e0f6c1f4927e65fd2079d7b1528b1d074cba6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:cb0727de29d42ac9c79bf51474b72fb55f04fdc2a05876e944443669750f5ee6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:ecc37b90a477748766aa11784966f695b83e6e1a2d4eca48fd9167f920c33615_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:0c17aa8140a586ec4271f10f252e65a380f25cc73d79a3ab20e37b4cf5b0f51c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:45c6a0a49602a2866490ae59036b5a585d243cdc7e802055b34eb2e8ebbbc98d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:f9cec2eac1dbd3d19ce6e9d7d7c654f8eba96882dc3a5df9ad5b8cbd02e88bb9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:6e3792f846dd8f3b3a2117b46b8abcfe85ad5118eac0acf83bb007390d12fd05_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:c1fbd5600ce0eaa118012e9d7a0a3e7b4d75b5c78b369f6cb3525aee7eae93a7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:e0aa6130e69dd838e31a9a8800ed518c00c73f67a24a4bcf0d572c757d68b5ee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:0964ed8ca8a915f0f2b3ac4cc8aa7d885e541595a9ed959a18fffc771f591716_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:b2c25eb3dff374616b87f57caec0215af803b725b1f01784de808ee4d23068c8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:c0062d91d15628ccc35133b67bcedb82076ed22b5c180fdfbae360c8e25e8a47_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:3feee1b84375b7e5e936bab7d4d2340be0452bbfda959e5d1aec520f0f606887_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:8f7e525974f388a0c33e227e9cd283b16edcf085819f89a37e41f27a872fa832_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:fe37c0a672e97518b01abf7b998d50dd79e47bcd7e1d60950d64b812a599f8cd_arm64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "This is an update for the Red Hat OpenShift Kernel Module Management 1.1 operator and images to address CVE-2023-44487 which Red Hat has assessed as being Important (sees https://access.redhat.com/security/cve/CVE-2023-44487 for details)\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nIt releases an updated versions of the Kernel Module Management bringing it to v1.1.2\nAs part of this it updates the following container images that constitute the Kernel Module Management Operator:\nkernel-module-management-signing\nkernel-module-management-operator\nkernel-module-management-worker\nkernel-module-management-hub-operator\nkernel-module-management-must-gather\nkernel-module-management-hub-operator-bundle\nkernel-module-management-operator-bundle",
"title": "Topic"
},
{
"category": "general",
"text": "kernel module management is Red Hat\u0027s operator designed to load and manage out-of-tree kernel modules and device plugins for Red Hat OpenShift Container Platform.\n\nThis advisory contains kernel module management 1.1.2 images to address CVE-2023-44487\n\nSecurity Fix(es):\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7218",
"url": "https://access.redhat.com/errata/RHSA-2023:7218"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7218.json"
}
],
"title": "Red Hat Security Advisory: Kernel Module Management security update",
"tracking": {
"current_release_date": "2024-12-17T02:52:51+00:00",
"generator": {
"date": "2024-12-17T02:52:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:7218",
"initial_release_date": "2023-11-15T01:02:10+00:00",
"revision_history": [
{
"date": "2023-11-15T01:02:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-15T01:02:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T02:52:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "kmm 1.1 for RHEL 9",
"product": {
"name": "kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:kernel_module_management:1.1::el9"
}
}
}
],
"category": "product_family",
"name": "Kernel Module Management"
},
{
"branches": [
{
"category": "product_version",
"name": "kmm/kernel-module-management-hub-operator-bundle@sha256:7a2bbedd258140f7767e206523d21fdf407ec5596f10ad3c0936c92863939313_amd64",
"product": {
"name": "kmm/kernel-module-management-hub-operator-bundle@sha256:7a2bbedd258140f7767e206523d21fdf407ec5596f10ad3c0936c92863939313_amd64",
"product_id": "kmm/kernel-module-management-hub-operator-bundle@sha256:7a2bbedd258140f7767e206523d21fdf407ec5596f10ad3c0936c92863939313_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-hub-operator-bundle@sha256:7a2bbedd258140f7767e206523d21fdf407ec5596f10ad3c0936c92863939313?arch=amd64\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-hub-operator-bundle\u0026tag=v1.1.2-7"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-hub-rhel9-operator@sha256:ecc37b90a477748766aa11784966f695b83e6e1a2d4eca48fd9167f920c33615_amd64",
"product": {
"name": "kmm/kernel-module-management-hub-rhel9-operator@sha256:ecc37b90a477748766aa11784966f695b83e6e1a2d4eca48fd9167f920c33615_amd64",
"product_id": "kmm/kernel-module-management-hub-rhel9-operator@sha256:ecc37b90a477748766aa11784966f695b83e6e1a2d4eca48fd9167f920c33615_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-hub-rhel9-operator@sha256:ecc37b90a477748766aa11784966f695b83e6e1a2d4eca48fd9167f920c33615?arch=amd64\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-hub-rhel9-operator\u0026tag=1.1.2-2"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-must-gather-rhel9@sha256:0c17aa8140a586ec4271f10f252e65a380f25cc73d79a3ab20e37b4cf5b0f51c_amd64",
"product": {
"name": "kmm/kernel-module-management-must-gather-rhel9@sha256:0c17aa8140a586ec4271f10f252e65a380f25cc73d79a3ab20e37b4cf5b0f51c_amd64",
"product_id": "kmm/kernel-module-management-must-gather-rhel9@sha256:0c17aa8140a586ec4271f10f252e65a380f25cc73d79a3ab20e37b4cf5b0f51c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-must-gather-rhel9@sha256:0c17aa8140a586ec4271f10f252e65a380f25cc73d79a3ab20e37b4cf5b0f51c?arch=amd64\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-must-gather-rhel9\u0026tag=1.1.2-2"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-operator-bundle@sha256:6e3792f846dd8f3b3a2117b46b8abcfe85ad5118eac0acf83bb007390d12fd05_amd64",
"product": {
"name": "kmm/kernel-module-management-operator-bundle@sha256:6e3792f846dd8f3b3a2117b46b8abcfe85ad5118eac0acf83bb007390d12fd05_amd64",
"product_id": "kmm/kernel-module-management-operator-bundle@sha256:6e3792f846dd8f3b3a2117b46b8abcfe85ad5118eac0acf83bb007390d12fd05_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-operator-bundle@sha256:6e3792f846dd8f3b3a2117b46b8abcfe85ad5118eac0acf83bb007390d12fd05?arch=amd64\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-operator-bundle\u0026tag=v1.1.2-7"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-rhel9-operator@sha256:b2c25eb3dff374616b87f57caec0215af803b725b1f01784de808ee4d23068c8_amd64",
"product": {
"name": "kmm/kernel-module-management-rhel9-operator@sha256:b2c25eb3dff374616b87f57caec0215af803b725b1f01784de808ee4d23068c8_amd64",
"product_id": "kmm/kernel-module-management-rhel9-operator@sha256:b2c25eb3dff374616b87f57caec0215af803b725b1f01784de808ee4d23068c8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-rhel9-operator@sha256:b2c25eb3dff374616b87f57caec0215af803b725b1f01784de808ee4d23068c8?arch=amd64\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-rhel9-operator\u0026tag=1.1.2-2"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-signing-rhel9@sha256:8f7e525974f388a0c33e227e9cd283b16edcf085819f89a37e41f27a872fa832_amd64",
"product": {
"name": "kmm/kernel-module-management-signing-rhel9@sha256:8f7e525974f388a0c33e227e9cd283b16edcf085819f89a37e41f27a872fa832_amd64",
"product_id": "kmm/kernel-module-management-signing-rhel9@sha256:8f7e525974f388a0c33e227e9cd283b16edcf085819f89a37e41f27a872fa832_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-signing-rhel9@sha256:8f7e525974f388a0c33e227e9cd283b16edcf085819f89a37e41f27a872fa832?arch=amd64\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-signing-rhel9\u0026tag=1.1.2-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "kmm/kernel-module-management-hub-operator-bundle@sha256:4b9879b5a7d6003b0c9586a11c2062a78794a6f92fe9ecc14da80e04149a62f8_arm64",
"product": {
"name": "kmm/kernel-module-management-hub-operator-bundle@sha256:4b9879b5a7d6003b0c9586a11c2062a78794a6f92fe9ecc14da80e04149a62f8_arm64",
"product_id": "kmm/kernel-module-management-hub-operator-bundle@sha256:4b9879b5a7d6003b0c9586a11c2062a78794a6f92fe9ecc14da80e04149a62f8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-hub-operator-bundle@sha256:4b9879b5a7d6003b0c9586a11c2062a78794a6f92fe9ecc14da80e04149a62f8?arch=arm64\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-hub-operator-bundle\u0026tag=v1.1.2-7"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-hub-rhel9-operator@sha256:cb0727de29d42ac9c79bf51474b72fb55f04fdc2a05876e944443669750f5ee6_arm64",
"product": {
"name": "kmm/kernel-module-management-hub-rhel9-operator@sha256:cb0727de29d42ac9c79bf51474b72fb55f04fdc2a05876e944443669750f5ee6_arm64",
"product_id": "kmm/kernel-module-management-hub-rhel9-operator@sha256:cb0727de29d42ac9c79bf51474b72fb55f04fdc2a05876e944443669750f5ee6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-hub-rhel9-operator@sha256:cb0727de29d42ac9c79bf51474b72fb55f04fdc2a05876e944443669750f5ee6?arch=arm64\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-hub-rhel9-operator\u0026tag=1.1.2-2"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-must-gather-rhel9@sha256:f9cec2eac1dbd3d19ce6e9d7d7c654f8eba96882dc3a5df9ad5b8cbd02e88bb9_arm64",
"product": {
"name": "kmm/kernel-module-management-must-gather-rhel9@sha256:f9cec2eac1dbd3d19ce6e9d7d7c654f8eba96882dc3a5df9ad5b8cbd02e88bb9_arm64",
"product_id": "kmm/kernel-module-management-must-gather-rhel9@sha256:f9cec2eac1dbd3d19ce6e9d7d7c654f8eba96882dc3a5df9ad5b8cbd02e88bb9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-must-gather-rhel9@sha256:f9cec2eac1dbd3d19ce6e9d7d7c654f8eba96882dc3a5df9ad5b8cbd02e88bb9?arch=arm64\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-must-gather-rhel9\u0026tag=1.1.2-2"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-operator-bundle@sha256:e0aa6130e69dd838e31a9a8800ed518c00c73f67a24a4bcf0d572c757d68b5ee_arm64",
"product": {
"name": "kmm/kernel-module-management-operator-bundle@sha256:e0aa6130e69dd838e31a9a8800ed518c00c73f67a24a4bcf0d572c757d68b5ee_arm64",
"product_id": "kmm/kernel-module-management-operator-bundle@sha256:e0aa6130e69dd838e31a9a8800ed518c00c73f67a24a4bcf0d572c757d68b5ee_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-operator-bundle@sha256:e0aa6130e69dd838e31a9a8800ed518c00c73f67a24a4bcf0d572c757d68b5ee?arch=arm64\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-operator-bundle\u0026tag=v1.1.2-7"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-rhel9-operator@sha256:c0062d91d15628ccc35133b67bcedb82076ed22b5c180fdfbae360c8e25e8a47_arm64",
"product": {
"name": "kmm/kernel-module-management-rhel9-operator@sha256:c0062d91d15628ccc35133b67bcedb82076ed22b5c180fdfbae360c8e25e8a47_arm64",
"product_id": "kmm/kernel-module-management-rhel9-operator@sha256:c0062d91d15628ccc35133b67bcedb82076ed22b5c180fdfbae360c8e25e8a47_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-rhel9-operator@sha256:c0062d91d15628ccc35133b67bcedb82076ed22b5c180fdfbae360c8e25e8a47?arch=arm64\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-rhel9-operator\u0026tag=1.1.2-2"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-signing-rhel9@sha256:fe37c0a672e97518b01abf7b998d50dd79e47bcd7e1d60950d64b812a599f8cd_arm64",
"product": {
"name": "kmm/kernel-module-management-signing-rhel9@sha256:fe37c0a672e97518b01abf7b998d50dd79e47bcd7e1d60950d64b812a599f8cd_arm64",
"product_id": "kmm/kernel-module-management-signing-rhel9@sha256:fe37c0a672e97518b01abf7b998d50dd79e47bcd7e1d60950d64b812a599f8cd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-signing-rhel9@sha256:fe37c0a672e97518b01abf7b998d50dd79e47bcd7e1d60950d64b812a599f8cd?arch=arm64\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-signing-rhel9\u0026tag=1.1.2-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "kmm/kernel-module-management-hub-operator-bundle@sha256:b8b8d224ada7a865ddf79b36b493c3fc93f6b89f03dcb5bf6329ae2f538002aa_ppc64le",
"product": {
"name": "kmm/kernel-module-management-hub-operator-bundle@sha256:b8b8d224ada7a865ddf79b36b493c3fc93f6b89f03dcb5bf6329ae2f538002aa_ppc64le",
"product_id": "kmm/kernel-module-management-hub-operator-bundle@sha256:b8b8d224ada7a865ddf79b36b493c3fc93f6b89f03dcb5bf6329ae2f538002aa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-hub-operator-bundle@sha256:b8b8d224ada7a865ddf79b36b493c3fc93f6b89f03dcb5bf6329ae2f538002aa?arch=ppc64le\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-hub-operator-bundle\u0026tag=v1.1.2-7"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-hub-rhel9-operator@sha256:6793da0209a2427a3280287c514e0f6c1f4927e65fd2079d7b1528b1d074cba6_ppc64le",
"product": {
"name": "kmm/kernel-module-management-hub-rhel9-operator@sha256:6793da0209a2427a3280287c514e0f6c1f4927e65fd2079d7b1528b1d074cba6_ppc64le",
"product_id": "kmm/kernel-module-management-hub-rhel9-operator@sha256:6793da0209a2427a3280287c514e0f6c1f4927e65fd2079d7b1528b1d074cba6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-hub-rhel9-operator@sha256:6793da0209a2427a3280287c514e0f6c1f4927e65fd2079d7b1528b1d074cba6?arch=ppc64le\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-hub-rhel9-operator\u0026tag=1.1.2-2"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-must-gather-rhel9@sha256:45c6a0a49602a2866490ae59036b5a585d243cdc7e802055b34eb2e8ebbbc98d_ppc64le",
"product": {
"name": "kmm/kernel-module-management-must-gather-rhel9@sha256:45c6a0a49602a2866490ae59036b5a585d243cdc7e802055b34eb2e8ebbbc98d_ppc64le",
"product_id": "kmm/kernel-module-management-must-gather-rhel9@sha256:45c6a0a49602a2866490ae59036b5a585d243cdc7e802055b34eb2e8ebbbc98d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-must-gather-rhel9@sha256:45c6a0a49602a2866490ae59036b5a585d243cdc7e802055b34eb2e8ebbbc98d?arch=ppc64le\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-must-gather-rhel9\u0026tag=1.1.2-2"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-operator-bundle@sha256:c1fbd5600ce0eaa118012e9d7a0a3e7b4d75b5c78b369f6cb3525aee7eae93a7_ppc64le",
"product": {
"name": "kmm/kernel-module-management-operator-bundle@sha256:c1fbd5600ce0eaa118012e9d7a0a3e7b4d75b5c78b369f6cb3525aee7eae93a7_ppc64le",
"product_id": "kmm/kernel-module-management-operator-bundle@sha256:c1fbd5600ce0eaa118012e9d7a0a3e7b4d75b5c78b369f6cb3525aee7eae93a7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-operator-bundle@sha256:c1fbd5600ce0eaa118012e9d7a0a3e7b4d75b5c78b369f6cb3525aee7eae93a7?arch=ppc64le\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-operator-bundle\u0026tag=v1.1.2-7"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-rhel9-operator@sha256:0964ed8ca8a915f0f2b3ac4cc8aa7d885e541595a9ed959a18fffc771f591716_ppc64le",
"product": {
"name": "kmm/kernel-module-management-rhel9-operator@sha256:0964ed8ca8a915f0f2b3ac4cc8aa7d885e541595a9ed959a18fffc771f591716_ppc64le",
"product_id": "kmm/kernel-module-management-rhel9-operator@sha256:0964ed8ca8a915f0f2b3ac4cc8aa7d885e541595a9ed959a18fffc771f591716_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-rhel9-operator@sha256:0964ed8ca8a915f0f2b3ac4cc8aa7d885e541595a9ed959a18fffc771f591716?arch=ppc64le\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-rhel9-operator\u0026tag=1.1.2-2"
}
}
},
{
"category": "product_version",
"name": "kmm/kernel-module-management-signing-rhel9@sha256:3feee1b84375b7e5e936bab7d4d2340be0452bbfda959e5d1aec520f0f606887_ppc64le",
"product": {
"name": "kmm/kernel-module-management-signing-rhel9@sha256:3feee1b84375b7e5e936bab7d4d2340be0452bbfda959e5d1aec520f0f606887_ppc64le",
"product_id": "kmm/kernel-module-management-signing-rhel9@sha256:3feee1b84375b7e5e936bab7d4d2340be0452bbfda959e5d1aec520f0f606887_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kernel-module-management-signing-rhel9@sha256:3feee1b84375b7e5e936bab7d4d2340be0452bbfda959e5d1aec520f0f606887?arch=ppc64le\u0026repository_url=registry.redhat.io/kmm/kernel-module-management-signing-rhel9\u0026tag=1.1.2-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-hub-operator-bundle@sha256:4b9879b5a7d6003b0c9586a11c2062a78794a6f92fe9ecc14da80e04149a62f8_arm64 as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:4b9879b5a7d6003b0c9586a11c2062a78794a6f92fe9ecc14da80e04149a62f8_arm64"
},
"product_reference": "kmm/kernel-module-management-hub-operator-bundle@sha256:4b9879b5a7d6003b0c9586a11c2062a78794a6f92fe9ecc14da80e04149a62f8_arm64",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-hub-operator-bundle@sha256:7a2bbedd258140f7767e206523d21fdf407ec5596f10ad3c0936c92863939313_amd64 as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:7a2bbedd258140f7767e206523d21fdf407ec5596f10ad3c0936c92863939313_amd64"
},
"product_reference": "kmm/kernel-module-management-hub-operator-bundle@sha256:7a2bbedd258140f7767e206523d21fdf407ec5596f10ad3c0936c92863939313_amd64",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-hub-operator-bundle@sha256:b8b8d224ada7a865ddf79b36b493c3fc93f6b89f03dcb5bf6329ae2f538002aa_ppc64le as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:b8b8d224ada7a865ddf79b36b493c3fc93f6b89f03dcb5bf6329ae2f538002aa_ppc64le"
},
"product_reference": "kmm/kernel-module-management-hub-operator-bundle@sha256:b8b8d224ada7a865ddf79b36b493c3fc93f6b89f03dcb5bf6329ae2f538002aa_ppc64le",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-hub-rhel9-operator@sha256:6793da0209a2427a3280287c514e0f6c1f4927e65fd2079d7b1528b1d074cba6_ppc64le as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:6793da0209a2427a3280287c514e0f6c1f4927e65fd2079d7b1528b1d074cba6_ppc64le"
},
"product_reference": "kmm/kernel-module-management-hub-rhel9-operator@sha256:6793da0209a2427a3280287c514e0f6c1f4927e65fd2079d7b1528b1d074cba6_ppc64le",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-hub-rhel9-operator@sha256:cb0727de29d42ac9c79bf51474b72fb55f04fdc2a05876e944443669750f5ee6_arm64 as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:cb0727de29d42ac9c79bf51474b72fb55f04fdc2a05876e944443669750f5ee6_arm64"
},
"product_reference": "kmm/kernel-module-management-hub-rhel9-operator@sha256:cb0727de29d42ac9c79bf51474b72fb55f04fdc2a05876e944443669750f5ee6_arm64",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-hub-rhel9-operator@sha256:ecc37b90a477748766aa11784966f695b83e6e1a2d4eca48fd9167f920c33615_amd64 as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:ecc37b90a477748766aa11784966f695b83e6e1a2d4eca48fd9167f920c33615_amd64"
},
"product_reference": "kmm/kernel-module-management-hub-rhel9-operator@sha256:ecc37b90a477748766aa11784966f695b83e6e1a2d4eca48fd9167f920c33615_amd64",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-must-gather-rhel9@sha256:0c17aa8140a586ec4271f10f252e65a380f25cc73d79a3ab20e37b4cf5b0f51c_amd64 as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:0c17aa8140a586ec4271f10f252e65a380f25cc73d79a3ab20e37b4cf5b0f51c_amd64"
},
"product_reference": "kmm/kernel-module-management-must-gather-rhel9@sha256:0c17aa8140a586ec4271f10f252e65a380f25cc73d79a3ab20e37b4cf5b0f51c_amd64",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-must-gather-rhel9@sha256:45c6a0a49602a2866490ae59036b5a585d243cdc7e802055b34eb2e8ebbbc98d_ppc64le as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:45c6a0a49602a2866490ae59036b5a585d243cdc7e802055b34eb2e8ebbbc98d_ppc64le"
},
"product_reference": "kmm/kernel-module-management-must-gather-rhel9@sha256:45c6a0a49602a2866490ae59036b5a585d243cdc7e802055b34eb2e8ebbbc98d_ppc64le",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-must-gather-rhel9@sha256:f9cec2eac1dbd3d19ce6e9d7d7c654f8eba96882dc3a5df9ad5b8cbd02e88bb9_arm64 as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:f9cec2eac1dbd3d19ce6e9d7d7c654f8eba96882dc3a5df9ad5b8cbd02e88bb9_arm64"
},
"product_reference": "kmm/kernel-module-management-must-gather-rhel9@sha256:f9cec2eac1dbd3d19ce6e9d7d7c654f8eba96882dc3a5df9ad5b8cbd02e88bb9_arm64",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-operator-bundle@sha256:6e3792f846dd8f3b3a2117b46b8abcfe85ad5118eac0acf83bb007390d12fd05_amd64 as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:6e3792f846dd8f3b3a2117b46b8abcfe85ad5118eac0acf83bb007390d12fd05_amd64"
},
"product_reference": "kmm/kernel-module-management-operator-bundle@sha256:6e3792f846dd8f3b3a2117b46b8abcfe85ad5118eac0acf83bb007390d12fd05_amd64",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-operator-bundle@sha256:c1fbd5600ce0eaa118012e9d7a0a3e7b4d75b5c78b369f6cb3525aee7eae93a7_ppc64le as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:c1fbd5600ce0eaa118012e9d7a0a3e7b4d75b5c78b369f6cb3525aee7eae93a7_ppc64le"
},
"product_reference": "kmm/kernel-module-management-operator-bundle@sha256:c1fbd5600ce0eaa118012e9d7a0a3e7b4d75b5c78b369f6cb3525aee7eae93a7_ppc64le",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-operator-bundle@sha256:e0aa6130e69dd838e31a9a8800ed518c00c73f67a24a4bcf0d572c757d68b5ee_arm64 as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:e0aa6130e69dd838e31a9a8800ed518c00c73f67a24a4bcf0d572c757d68b5ee_arm64"
},
"product_reference": "kmm/kernel-module-management-operator-bundle@sha256:e0aa6130e69dd838e31a9a8800ed518c00c73f67a24a4bcf0d572c757d68b5ee_arm64",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-rhel9-operator@sha256:0964ed8ca8a915f0f2b3ac4cc8aa7d885e541595a9ed959a18fffc771f591716_ppc64le as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:0964ed8ca8a915f0f2b3ac4cc8aa7d885e541595a9ed959a18fffc771f591716_ppc64le"
},
"product_reference": "kmm/kernel-module-management-rhel9-operator@sha256:0964ed8ca8a915f0f2b3ac4cc8aa7d885e541595a9ed959a18fffc771f591716_ppc64le",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-rhel9-operator@sha256:b2c25eb3dff374616b87f57caec0215af803b725b1f01784de808ee4d23068c8_amd64 as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:b2c25eb3dff374616b87f57caec0215af803b725b1f01784de808ee4d23068c8_amd64"
},
"product_reference": "kmm/kernel-module-management-rhel9-operator@sha256:b2c25eb3dff374616b87f57caec0215af803b725b1f01784de808ee4d23068c8_amd64",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-rhel9-operator@sha256:c0062d91d15628ccc35133b67bcedb82076ed22b5c180fdfbae360c8e25e8a47_arm64 as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:c0062d91d15628ccc35133b67bcedb82076ed22b5c180fdfbae360c8e25e8a47_arm64"
},
"product_reference": "kmm/kernel-module-management-rhel9-operator@sha256:c0062d91d15628ccc35133b67bcedb82076ed22b5c180fdfbae360c8e25e8a47_arm64",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-signing-rhel9@sha256:3feee1b84375b7e5e936bab7d4d2340be0452bbfda959e5d1aec520f0f606887_ppc64le as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:3feee1b84375b7e5e936bab7d4d2340be0452bbfda959e5d1aec520f0f606887_ppc64le"
},
"product_reference": "kmm/kernel-module-management-signing-rhel9@sha256:3feee1b84375b7e5e936bab7d4d2340be0452bbfda959e5d1aec520f0f606887_ppc64le",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-signing-rhel9@sha256:8f7e525974f388a0c33e227e9cd283b16edcf085819f89a37e41f27a872fa832_amd64 as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:8f7e525974f388a0c33e227e9cd283b16edcf085819f89a37e41f27a872fa832_amd64"
},
"product_reference": "kmm/kernel-module-management-signing-rhel9@sha256:8f7e525974f388a0c33e227e9cd283b16edcf085819f89a37e41f27a872fa832_amd64",
"relates_to_product_reference": "9Base-KMM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kmm/kernel-module-management-signing-rhel9@sha256:fe37c0a672e97518b01abf7b998d50dd79e47bcd7e1d60950d64b812a599f8cd_arm64 as a component of kmm 1.1 for RHEL 9",
"product_id": "9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:fe37c0a672e97518b01abf7b998d50dd79e47bcd7e1d60950d64b812a599f8cd_arm64"
},
"product_reference": "kmm/kernel-module-management-signing-rhel9@sha256:fe37c0a672e97518b01abf7b998d50dd79e47bcd7e1d60950d64b812a599f8cd_arm64",
"relates_to_product_reference": "9Base-KMM-1.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:4b9879b5a7d6003b0c9586a11c2062a78794a6f92fe9ecc14da80e04149a62f8_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:7a2bbedd258140f7767e206523d21fdf407ec5596f10ad3c0936c92863939313_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:b8b8d224ada7a865ddf79b36b493c3fc93f6b89f03dcb5bf6329ae2f538002aa_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:6793da0209a2427a3280287c514e0f6c1f4927e65fd2079d7b1528b1d074cba6_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:cb0727de29d42ac9c79bf51474b72fb55f04fdc2a05876e944443669750f5ee6_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:ecc37b90a477748766aa11784966f695b83e6e1a2d4eca48fd9167f920c33615_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:0c17aa8140a586ec4271f10f252e65a380f25cc73d79a3ab20e37b4cf5b0f51c_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:45c6a0a49602a2866490ae59036b5a585d243cdc7e802055b34eb2e8ebbbc98d_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:f9cec2eac1dbd3d19ce6e9d7d7c654f8eba96882dc3a5df9ad5b8cbd02e88bb9_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:6e3792f846dd8f3b3a2117b46b8abcfe85ad5118eac0acf83bb007390d12fd05_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:c1fbd5600ce0eaa118012e9d7a0a3e7b4d75b5c78b369f6cb3525aee7eae93a7_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:e0aa6130e69dd838e31a9a8800ed518c00c73f67a24a4bcf0d572c757d68b5ee_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:0964ed8ca8a915f0f2b3ac4cc8aa7d885e541595a9ed959a18fffc771f591716_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:b2c25eb3dff374616b87f57caec0215af803b725b1f01784de808ee4d23068c8_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:c0062d91d15628ccc35133b67bcedb82076ed22b5c180fdfbae360c8e25e8a47_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:3feee1b84375b7e5e936bab7d4d2340be0452bbfda959e5d1aec520f0f606887_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:8f7e525974f388a0c33e227e9cd283b16edcf085819f89a37e41f27a872fa832_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:fe37c0a672e97518b01abf7b998d50dd79e47bcd7e1d60950d64b812a599f8cd_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T01:02:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:4b9879b5a7d6003b0c9586a11c2062a78794a6f92fe9ecc14da80e04149a62f8_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:7a2bbedd258140f7767e206523d21fdf407ec5596f10ad3c0936c92863939313_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:b8b8d224ada7a865ddf79b36b493c3fc93f6b89f03dcb5bf6329ae2f538002aa_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:6793da0209a2427a3280287c514e0f6c1f4927e65fd2079d7b1528b1d074cba6_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:cb0727de29d42ac9c79bf51474b72fb55f04fdc2a05876e944443669750f5ee6_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:ecc37b90a477748766aa11784966f695b83e6e1a2d4eca48fd9167f920c33615_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:0c17aa8140a586ec4271f10f252e65a380f25cc73d79a3ab20e37b4cf5b0f51c_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:45c6a0a49602a2866490ae59036b5a585d243cdc7e802055b34eb2e8ebbbc98d_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:f9cec2eac1dbd3d19ce6e9d7d7c654f8eba96882dc3a5df9ad5b8cbd02e88bb9_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:6e3792f846dd8f3b3a2117b46b8abcfe85ad5118eac0acf83bb007390d12fd05_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:c1fbd5600ce0eaa118012e9d7a0a3e7b4d75b5c78b369f6cb3525aee7eae93a7_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:e0aa6130e69dd838e31a9a8800ed518c00c73f67a24a4bcf0d572c757d68b5ee_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:0964ed8ca8a915f0f2b3ac4cc8aa7d885e541595a9ed959a18fffc771f591716_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:b2c25eb3dff374616b87f57caec0215af803b725b1f01784de808ee4d23068c8_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:c0062d91d15628ccc35133b67bcedb82076ed22b5c180fdfbae360c8e25e8a47_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:3feee1b84375b7e5e936bab7d4d2340be0452bbfda959e5d1aec520f0f606887_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:8f7e525974f388a0c33e227e9cd283b16edcf085819f89a37e41f27a872fa832_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:fe37c0a672e97518b01abf7b998d50dd79e47bcd7e1d60950d64b812a599f8cd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7218"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:4b9879b5a7d6003b0c9586a11c2062a78794a6f92fe9ecc14da80e04149a62f8_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:7a2bbedd258140f7767e206523d21fdf407ec5596f10ad3c0936c92863939313_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:b8b8d224ada7a865ddf79b36b493c3fc93f6b89f03dcb5bf6329ae2f538002aa_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:6793da0209a2427a3280287c514e0f6c1f4927e65fd2079d7b1528b1d074cba6_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:cb0727de29d42ac9c79bf51474b72fb55f04fdc2a05876e944443669750f5ee6_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:ecc37b90a477748766aa11784966f695b83e6e1a2d4eca48fd9167f920c33615_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:0c17aa8140a586ec4271f10f252e65a380f25cc73d79a3ab20e37b4cf5b0f51c_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:45c6a0a49602a2866490ae59036b5a585d243cdc7e802055b34eb2e8ebbbc98d_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:f9cec2eac1dbd3d19ce6e9d7d7c654f8eba96882dc3a5df9ad5b8cbd02e88bb9_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:6e3792f846dd8f3b3a2117b46b8abcfe85ad5118eac0acf83bb007390d12fd05_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:c1fbd5600ce0eaa118012e9d7a0a3e7b4d75b5c78b369f6cb3525aee7eae93a7_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:e0aa6130e69dd838e31a9a8800ed518c00c73f67a24a4bcf0d572c757d68b5ee_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:0964ed8ca8a915f0f2b3ac4cc8aa7d885e541595a9ed959a18fffc771f591716_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:b2c25eb3dff374616b87f57caec0215af803b725b1f01784de808ee4d23068c8_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:c0062d91d15628ccc35133b67bcedb82076ed22b5c180fdfbae360c8e25e8a47_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:3feee1b84375b7e5e936bab7d4d2340be0452bbfda959e5d1aec520f0f606887_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:8f7e525974f388a0c33e227e9cd283b16edcf085819f89a37e41f27a872fa832_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:fe37c0a672e97518b01abf7b998d50dd79e47bcd7e1d60950d64b812a599f8cd_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:4b9879b5a7d6003b0c9586a11c2062a78794a6f92fe9ecc14da80e04149a62f8_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:7a2bbedd258140f7767e206523d21fdf407ec5596f10ad3c0936c92863939313_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-operator-bundle@sha256:b8b8d224ada7a865ddf79b36b493c3fc93f6b89f03dcb5bf6329ae2f538002aa_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:6793da0209a2427a3280287c514e0f6c1f4927e65fd2079d7b1528b1d074cba6_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:cb0727de29d42ac9c79bf51474b72fb55f04fdc2a05876e944443669750f5ee6_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-hub-rhel9-operator@sha256:ecc37b90a477748766aa11784966f695b83e6e1a2d4eca48fd9167f920c33615_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:0c17aa8140a586ec4271f10f252e65a380f25cc73d79a3ab20e37b4cf5b0f51c_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:45c6a0a49602a2866490ae59036b5a585d243cdc7e802055b34eb2e8ebbbc98d_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-must-gather-rhel9@sha256:f9cec2eac1dbd3d19ce6e9d7d7c654f8eba96882dc3a5df9ad5b8cbd02e88bb9_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:6e3792f846dd8f3b3a2117b46b8abcfe85ad5118eac0acf83bb007390d12fd05_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:c1fbd5600ce0eaa118012e9d7a0a3e7b4d75b5c78b369f6cb3525aee7eae93a7_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-operator-bundle@sha256:e0aa6130e69dd838e31a9a8800ed518c00c73f67a24a4bcf0d572c757d68b5ee_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:0964ed8ca8a915f0f2b3ac4cc8aa7d885e541595a9ed959a18fffc771f591716_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:b2c25eb3dff374616b87f57caec0215af803b725b1f01784de808ee4d23068c8_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-rhel9-operator@sha256:c0062d91d15628ccc35133b67bcedb82076ed22b5c180fdfbae360c8e25e8a47_arm64",
"9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:3feee1b84375b7e5e936bab7d4d2340be0452bbfda959e5d1aec520f0f606887_ppc64le",
"9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:8f7e525974f388a0c33e227e9cd283b16edcf085819f89a37e41f27a872fa832_amd64",
"9Base-KMM-1.1:kmm/kernel-module-management-signing-rhel9@sha256:fe37c0a672e97518b01abf7b998d50dd79e47bcd7e1d60950d64b812a599f8cd_arm64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_7247
Vulnerability from csaf_redhat - Published: 2023-11-15 17:07 - Updated: 2024-12-17 02:53A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.12.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
A flaw was found in SquareUp Okio. A class GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This issue may allow a malicious user to start processing a malformed file, which can result in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.12.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
A flaw was found in Spring Security's WebFlux framework pattern matching, where it does not properly evaluate certain patterns. A server using path-based pattern matching in WebFlux could allow an attacker to bypass security settings for some request paths, potentially leading to information disclosure, access of functionality outside the user's permissions, or denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.12.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Jetty http2-hpack and http3-qpack. If header values exceed the size limit and Huffman is the true`MetaDataBuilder.checkSize`, the multiplication will overflow, and the length will become negative, causing a large buffer allocation on the server, leading to a Denial of Service (DoS) attack.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.12.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Jetty's CGI servlet which permits incorrect command execution in specific circumstances such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands other than the one requested.
CWE-149 - Improper Neutralization of Quoting Syntax| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.12.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.12.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.12.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak authentication. If a Jetty `OpenIdAuthenticator` uses the optional nested `LoginService`, and that `LoginService` decides to revoke an already authenticated user, then the current request will still treat the user as authenticated. The authentication is then cleared from the session and subsequent requests will not be treated as authenticated. So a request on a previously authenticated session could be allowed to bypass authentication after it had been rejected by the `LoginService`. This impacts usages of the jetty-openid which have configured a nested `LoginService` and where that `LoginService` will is capable of rejecting previously authenticated users. Versions 9.4.52, 10.0.16, and 11.0.16 have a patch for this issue.
CWE-1390 - Weak Authentication| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.12.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
|
A flaw was found in Apache Tomcat. An incomplete cleanup vulnerability with the internal fork of the Commons FileUpload package exposed a potential denial of service on Windows if a web application opened a stream for an uploaded file but failed to close the stream. The file would never be deleted from the disk, potentially leading to a denial of service due to the disk being full.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.12.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Apache Tomcat. Tomcat may skip, after an error, the recycling of the internal objects that the next request/response process might use, resulting in information leaking from one request to the next. This flaw allows a malicious user to have access to this information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.12.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.12.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Apache Tomcat, where an improper input validation can occur. This flaw allows a malicious user to send a crafted request containing an invalid trailer header, which could be treated as multiple requests, potentially leading to request smuggling when behind a reverse proxy.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.12.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Apache ActiveMQ, specifically the OpenWire Module. This flaw may allow a remote malicious user to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol, causing the broker to instantiate any class on the classpath. This issue happens when OpenWire commands are unmarshalled, without validating the provided throwable class type, which could allow an attacker to jeopardize the entire server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.12.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A minor version update (from 7.12 to 7.12.1) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat Fuse 7.12.1 serves as a replacement for Red Hat Fuse 7.12 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.\n\nSecurity Fix(es):\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\n* OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack (CVE-2023-46604)\n\n* undertow: OutOfMemoryError due to @MultipartConfig handling (CVE-2023-3223)\n\n* okio: GzipSource class improper exception handling (CVE-2023-3635)\n\n* spring-security: spring-security-webflux: path wildcard leads to security bypass (CVE-2023-34034)\n\n* http2-hpack: jetty: hpack header values cause denial of service in http/2 (CVE-2023-36478)\n\n* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK (CVE-2023-39410)\n\n* jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)\n\n* tomcat: FileUpload: DoS due to accumulation of temporary files on Windows (CVE-2023-42794)\n\n* tomcat: improper cleaning of recycled objects could lead to information leak (CVE-2023-42795)\n\n* tomcat: incorrectly parsed http trailer headers can cause request smuggling (CVE-2023-45648)\n\n* jetty: Improper addition of quotation marks to user inputs in CgiServlet (CVE-2023-36479)\n\n* jetty: OpenId Revoked authentication allows one request (CVE-2023-41900)\n\nFor more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7247",
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=distributions\u0026version=7.12.1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=distributions\u0026version=7.12.1"
},
{
"category": "external",
"summary": "2209689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209689"
},
{
"category": "external",
"summary": "2229295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2229295"
},
{
"category": "external",
"summary": "2239630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630"
},
{
"category": "external",
"summary": "2239634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634"
},
{
"category": "external",
"summary": "2241271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241271"
},
{
"category": "external",
"summary": "2242521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242521"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243123"
},
{
"category": "external",
"summary": "2243749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243749"
},
{
"category": "external",
"summary": "2243751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243751"
},
{
"category": "external",
"summary": "2243752",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243752"
},
{
"category": "external",
"summary": "2246645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246645"
},
{
"category": "external",
"summary": "2247052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247052"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7247.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Fuse 7.12.1 release and security update",
"tracking": {
"current_release_date": "2024-12-17T02:53:02+00:00",
"generator": {
"date": "2024-12-17T02:53:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:7247",
"initial_release_date": "2023-11-15T17:07:49+00:00",
"revision_history": [
{
"date": "2023-11-15T17:07:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-15T17:07:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T02:53:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Fuse 7.12.1",
"product": {
"name": "Red Hat Fuse 7.12.1",
"product_id": "Red Hat Fuse 7.12.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_fuse:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Fuse"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Keke Lian \u0026 Haoran Zhao"
],
"organization": "System and Software Security Lab in Fudan University"
}
],
"cve": "CVE-2023-3223",
"cwe": {
"id": "CWE-789",
"name": "Memory Allocation with Excessive Size Value"
},
"discovery_date": "2023-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2209689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it\u0027s possible to bypass the limit by setting the file name in the request to null.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: OutOfMemoryError due to @MultipartConfig handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.12.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3223"
},
{
"category": "external",
"summary": "RHBZ#2209689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3223",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3223"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3223",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3223"
}
],
"release_date": "2023-08-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T17:07:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Fuse 7.12.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.12.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: OutOfMemoryError due to @MultipartConfig handling"
},
{
"cve": "CVE-2023-3635",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2229295"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SquareUp Okio. A class GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This issue may allow a malicious user to start processing a malformed file, which can result in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "okio: GzipSource class improper exception handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat JBoss Enterprise Application Platform XP does contain Okio package but is not using GzipSource.java, which is the affected class.\nRed Hat support for Spring Boot is considered low impact as it\u0027s used by Dekorate during compilation process and not included in the resulting Jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.12.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3635"
},
{
"category": "external",
"summary": "RHBZ#2229295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2229295"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3635",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3635"
}
],
"release_date": "2023-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T17:07:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Fuse 7.12.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.12.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "okio: GzipSource class improper exception handling"
},
{
"cve": "CVE-2023-34034",
"cwe": {
"id": "CWE-145",
"name": "Improper Neutralization of Section Delimiters"
},
"discovery_date": "2023-09-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2241271"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Security\u0027s WebFlux framework pattern matching, where it does not properly evaluate certain patterns. A server using path-based pattern matching in WebFlux could allow an attacker to bypass security settings for some request paths, potentially leading to information disclosure, access of functionality outside the user\u0027s permissions, or denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-security-webflux: path wildcard leads to security bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.12.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-34034"
},
{
"category": "external",
"summary": "RHBZ#2241271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-34034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-34034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34034"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2023-34034",
"url": "https://spring.io/security/cve-2023-34034"
}
],
"release_date": "2023-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T17:07:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Fuse 7.12.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
},
{
"category": "workaround",
"details": "Users of path-based URL determination should ensure that all their patterns have a slash prepended.\nexample:\n pathMatchers(\"home/**\") // vulnerable\n pathMatchers(\"/home/**\") // not vulnerable",
"product_ids": [
"Red Hat Fuse 7.12.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.12.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "spring-security-webflux: path wildcard leads to security bypass"
},
{
"cve": "CVE-2023-36478",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243123"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty http2-hpack and http3-qpack. If header values exceed the size limit and Huffman is the true`MetaDataBuilder.checkSize`, the multiplication will overflow, and the length will become negative, causing a large buffer allocation on the server, leading to a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: hpack header values cause denial of service in http/2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires a remote attacker to repeatedly send HTTP requests with HPACK, which could easily impact the server\u0027s performance or make it run out of memory. Hence, this vulnerability received an Important impact rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.12.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-36478"
},
{
"category": "external",
"summary": "RHBZ#2243123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243123"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-36478",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36478"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/pull/9634",
"url": "https://github.com/eclipse/jetty.project/pull/9634"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/releases/tag/jetty-10.0.16",
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-10.0.16"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/releases/tag/jetty-11.0.16",
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-11.0.16"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009",
"url": "https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T17:07:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Fuse 7.12.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
},
{
"category": "workaround",
"details": "No mitigations are currently available for this vulnerability.",
"product_ids": [
"Red Hat Fuse 7.12.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.12.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jetty: hpack header values cause denial of service in http/2"
},
{
"cve": "CVE-2023-36479",
"cwe": {
"id": "CWE-149",
"name": "Improper Neutralization of Quoting Syntax"
},
"discovery_date": "2023-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239630"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty\u0027s CGI servlet which permits incorrect command execution in specific circumstances such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands other than the one requested.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: Improper addition of quotation marks to user inputs in CgiServlet",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.12.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-36479"
},
{
"category": "external",
"summary": "RHBZ#2239630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-36479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479"
}
],
"release_date": "2023-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T17:07:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Fuse 7.12.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.12.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jetty: Improper addition of quotation marks to user inputs in CgiServlet"
},
{
"cve": "CVE-2023-39410",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242521"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.12.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39410"
},
{
"category": "external",
"summary": "RHBZ#2242521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242521"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39410",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39410"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/AVRO-3819",
"url": "https://issues.apache.org/jira/browse/AVRO-3819"
}
],
"release_date": "2023-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T17:07:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Fuse 7.12.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.12.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK"
},
{
"cve": "CVE-2023-40167",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2023-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: Improper validation of HTTP/1 content-length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.12.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40167"
},
{
"category": "external",
"summary": "RHBZ#2239634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6"
}
],
"release_date": "2023-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T17:07:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Fuse 7.12.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.12.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty: Improper validation of HTTP/1 content-length"
},
{
"cve": "CVE-2023-41900",
"cwe": {
"id": "CWE-1390",
"name": "Weak Authentication"
},
"discovery_date": "2023-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2247052"
}
],
"notes": [
{
"category": "description",
"text": "Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak authentication. If a Jetty `OpenIdAuthenticator` uses the optional nested `LoginService`, and that `LoginService` decides to revoke an already authenticated user, then the current request will still treat the user as authenticated. The authentication is then cleared from the session and subsequent requests will not be treated as authenticated. So a request on a previously authenticated session could be allowed to bypass authentication after it had been rejected by the `LoginService`. This impacts usages of the jetty-openid which have configured a nested `LoginService` and where that `LoginService` will is capable of rejecting previously authenticated users. Versions 9.4.52, 10.0.16, and 11.0.16 have a patch for this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: OpenId Revoked authentication allows one request",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.12.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-41900"
},
{
"category": "external",
"summary": "RHBZ#2247052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247052"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-41900",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-41900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41900"
}
],
"release_date": "2023-09-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T17:07:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Fuse 7.12.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.12.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jetty: OpenId Revoked authentication allows one request"
},
{
"cve": "CVE-2023-42794",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2023-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243751"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat. An incomplete cleanup vulnerability with the internal fork of the Commons FileUpload package exposed a potential denial of service on Windows if a web application opened a stream for an uploaded file but failed to close the stream. The file would never be deleted from the disk, potentially leading to a denial of service due to the disk being full.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: FileUpload: DoS due to accumulation of temporary files on Windows",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this flaw as a Moderate impact as this would depend on how much information an attacker has over the environment (version and disk for example, increasing the Attack Complexity) as there is no guarantee the attack is successful. \nThis may affect only scenarios where running an application on Windows.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.12.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-42794"
},
{
"category": "external",
"summary": "RHBZ#2243751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-42794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-42794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42794"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2023/10/10/8",
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/8"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/vvbr2ms7lockj1hlhz5q3wmxb2mwcw82",
"url": "https://lists.apache.org/thread/vvbr2ms7lockj1hlhz5q3wmxb2mwcw82"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T17:07:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Fuse 7.12.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
},
{
"category": "workaround",
"details": "No mitigation is currently available for this flaw.",
"product_ids": [
"Red Hat Fuse 7.12.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.12.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: FileUpload: DoS due to accumulation of temporary files on Windows"
},
{
"cve": "CVE-2023-42795",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2023-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243752"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat. Tomcat may skip, after an error, the recycling of the internal objects that the next request/response process might use, resulting in information leaking from one request to the next. This flaw allows a malicious user to have access to this information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: improper cleaning of recycled objects could lead to information leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Moderate impact as the confidentiality is not fully compromised and the malicious user does not have confirmation over the scenario to replicate the error and capture the possible jeopardizing response.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.12.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-42795"
},
{
"category": "external",
"summary": "RHBZ#2243752",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243752"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-42795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-42795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42795"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2023/10/10/9",
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/9"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/065jfyo583490r9j2v73nhpyxdob56lw",
"url": "https://lists.apache.org/thread/065jfyo583490r9j2v73nhpyxdob56lw"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T17:07:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Fuse 7.12.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
},
{
"category": "workaround",
"details": "No mitigation is currently available for this flaw.",
"product_ids": [
"Red Hat Fuse 7.12.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.12.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: improper cleaning of recycled objects could lead to information leak"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.12.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T17:07:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Fuse 7.12.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"Red Hat Fuse 7.12.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.12.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
},
{
"cve": "CVE-2023-45648",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243749"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat, where an improper input validation can occur. This flaw allows a malicious user to send a crafted request containing an invalid trailer header, which could be treated as multiple requests, potentially leading to request smuggling when behind a reverse proxy.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: incorrectly parsed http trailer headers can cause request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The request smuggling is not guaranteed to have relevant information within every request and the scenario behind a reverse proxy which fails to handle the request too is necessary, hence the Moderate impact.\n\nThe Red Hat AMQ Broker team removed any tomcat dependencies in version 7.11.3. Please refer to https://errata.devel.redhat.com/advisory/121941.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.12.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45648"
},
{
"category": "external",
"summary": "RHBZ#2243749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243749"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45648",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45648"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45648",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45648"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2023/10/10/10",
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/10"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp",
"url": "https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T17:07:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Fuse 7.12.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
},
{
"category": "workaround",
"details": "No mitigation is currently available for this flaw.",
"product_ids": [
"Red Hat Fuse 7.12.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.12.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: incorrectly parsed http trailer headers can cause request smuggling"
},
{
"cve": "CVE-2023-46604",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-10-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2246645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache ActiveMQ, specifically the OpenWire Module. This flaw may allow a remote malicious user to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol, causing the broker to instantiate any class on the classpath. This issue happens when OpenWire commands are unmarshalled, without validating the provided throwable class type, which could allow an attacker to jeopardize the entire server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "activemq-openwire: OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "If the openwire protocol IS NOT in use, system operators can disable the OpenWire protocol which removes most risk of this vulnerability being exploited. If OpenWire IS being used, see the Mitigations section for potential options to reduce your attack surface.\n\n\n* How to determine if an AMQ 7 system is affected:\nCheck in the broker.xml configuration file. Notice the presence of **OPENWIRE** in the following snippet which indicates a vulnerable configuration. \n~~~\n\u003cacceptor name=\"artemis\"\u003etcp://localhost:####?tcpSendBufferSize=1048576;tcpReceiveBufferSize=1048576;protocols=CORE,AMQP,STOMP,HORNETQ,MQTT,**OPENWIRE**;useEpoll=true;amqpCredits=1000;amqpLowCredits=300;anycastPrefix=jms.queue.;multicastPrefix=jms.topic.\u003c/acceptor\u003e\n~~~\n\n\n* How to determine if an AMQ 7 for OpenShift system is affected:\nGet the `ActivemqArtemis` CR yaml and review the acceptor protocol and see if the following entry is present: `(default, all, Openwire)` which indicates the system is vulnerable.\n\n\n* How to determine if a Fuse 6 system is affected:\nBy default Fuse 6 includes and enables ActiveMQ Broker. So unless this has been manually disabled, every Fuse 6 system is affected by this vulnerability.\n\n\n* How to determine if a Fuse 7 system is affected:\nFuse 7 itself is not vulnerable. By default it ships the vulnerable activemq-client jar, however it does not instantiate an ActiveMQ broker. If this feature (connect to an external ActiveMQ Broker) were manually configured, it would make it vulnerable.\n\n\n* How to determine if a Fuse Online system is affected:\nSyndesis, an Integration Platform As A Service part of Fuse Online which runs on top of Openshift, does not use activemq code. Also, it doesn\u0027t instantiate a broker with Openwire protocol enabled, which makes it not vulnerable to this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.12.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-46604"
},
{
"category": "external",
"summary": "RHBZ#2246645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-46604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46604"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-46604",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46604"
},
{
"category": "external",
"summary": "https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt",
"url": "https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/y1ztwb3gktny47mj9sdv2sbw49nkgsgp",
"url": "https://lists.apache.org/thread/y1ztwb3gktny47mj9sdv2sbw49nkgsgp"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T17:07:49+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Fuse 7.12.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7247"
},
{
"category": "workaround",
"details": "In affected systems, it may be possible to mitigate some of the risks from this vulnerability. However this mitigation cannot eliminate all risks; the only complete resolution is to apply software updates. On systems where the broker is exposed to the public network, use firewall rules to restrict the transport ports and enable SSL to protect this \"Transport\".",
"product_ids": [
"Red Hat Fuse 7.12.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.12.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-11-02T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Critical"
}
],
"title": "activemq-openwire: OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack"
}
]
}
RHSA-2023_7288
Vulnerability from csaf_redhat - Published: 2023-11-16 05:58 - Updated: 2024-12-18 04:56A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src | — |
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src | — |
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src | — |
Workaround
|
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src | — |
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src | — |
A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src | — |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src | — |
Vendor Fix
fix
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.14. \n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7288",
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7288.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 Openshift Jenkins security update",
"tracking": {
"current_release_date": "2024-12-18T04:56:03+00:00",
"generator": {
"date": "2024-12-18T04:56:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:7288",
"initial_release_date": "2023-11-16T05:58:26+00:00",
"revision_history": [
{
"date": "2023-11-16T05:58:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-16T05:58:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:56:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.14",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.14::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.414.3.1699356615-3.el8.src",
"product": {
"name": "jenkins-0:2.414.3.1699356615-3.el8.src",
"product_id": "jenkins-0:2.414.3.1699356615-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.414.3.1699356615-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.14.1699356715-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.414.3.1699356615-3.el8.noarch",
"product": {
"name": "jenkins-0:2.414.3.1699356615-3.el8.noarch",
"product_id": "jenkins-0:2.414.3.1699356615-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.414.3.1699356615-3.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.14.1699356715-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.414.3.1699356615-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch"
},
"product_reference": "jenkins-0:2.414.3.1699356615-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.414.3.1699356615-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
},
"product_reference": "jenkins-0:2.414.3.1699356615-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-29599",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven-shared-utils: Command injection via Commandline class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships Candlepin component, which uses the Tomcatjss module from the RHEL AppStream repository. In turn, Tomcatjss relies on Maven, which itself depends on affected Apache Maven Shared Utils. Due to the fact that Satellite does not directly use Apache Maven Shared Utils, or expose it in its code, it is considered not affected by the flaw. Satellite customers can resolve the security warning by updating to the fixed Apache Maven Shared Utils through the updated Maven module, which is available in the RHEL 8 AppStream repository. It\u0027s worth noting that this solution applies solely to RHEL 8, which supports modules exclusively, and it is not applicable to earlier versions including RHEL 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29599"
},
{
"category": "external",
"summary": "RHBZ#2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "maven-shared-utils: Command injection via Commandline class"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25761",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170039"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25761"
},
{
"category": "external",
"summary": "RHBZ#2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2023-25762",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170041"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25762"
},
{
"category": "external",
"summary": "RHBZ#2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_7315
Vulnerability from csaf_redhat - Published: 2023-11-21 11:26 - Updated: 2024-12-18 04:56A flaw was found in the Golang HTML package where it is vulnerable to Cross-site scripting caused by the improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim's web browser within the security context of the hosting website once the URL is clicked. The flaw allows an attacker to steal the victim's cookie-based authentication credentials.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64 | — | ||
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64 | — |
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64 | — |
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.14.3 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.14.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.14.3. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHBA-2023:7321\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive\nwork (CVE-2023-44487) (CVE-2023-39325)\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS\nattack (Rapid Reset Attack) (CVE-2023-44487)\n* golang.org/x/net/html: Cross site scripting (CVE-2023-3978)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7315",
"url": "https://access.redhat.com/errata/RHSA-2023:7315"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2228689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228689"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "OCPBUGS-14926",
"url": "https://issues.redhat.com/browse/OCPBUGS-14926"
},
{
"category": "external",
"summary": "OCPBUGS-19923",
"url": "https://issues.redhat.com/browse/OCPBUGS-19923"
},
{
"category": "external",
"summary": "OCPBUGS-21802",
"url": "https://issues.redhat.com/browse/OCPBUGS-21802"
},
{
"category": "external",
"summary": "OCPBUGS-22253",
"url": "https://issues.redhat.com/browse/OCPBUGS-22253"
},
{
"category": "external",
"summary": "OCPBUGS-22275",
"url": "https://issues.redhat.com/browse/OCPBUGS-22275"
},
{
"category": "external",
"summary": "OCPBUGS-22374",
"url": "https://issues.redhat.com/browse/OCPBUGS-22374"
},
{
"category": "external",
"summary": "OCPBUGS-22477",
"url": "https://issues.redhat.com/browse/OCPBUGS-22477"
},
{
"category": "external",
"summary": "OCPBUGS-22826",
"url": "https://issues.redhat.com/browse/OCPBUGS-22826"
},
{
"category": "external",
"summary": "OCPBUGS-22861",
"url": "https://issues.redhat.com/browse/OCPBUGS-22861"
},
{
"category": "external",
"summary": "OCPBUGS-22891",
"url": "https://issues.redhat.com/browse/OCPBUGS-22891"
},
{
"category": "external",
"summary": "OCPBUGS-22917",
"url": "https://issues.redhat.com/browse/OCPBUGS-22917"
},
{
"category": "external",
"summary": "OCPBUGS-22945",
"url": "https://issues.redhat.com/browse/OCPBUGS-22945"
},
{
"category": "external",
"summary": "OCPBUGS-22974",
"url": "https://issues.redhat.com/browse/OCPBUGS-22974"
},
{
"category": "external",
"summary": "OCPBUGS-22980",
"url": "https://issues.redhat.com/browse/OCPBUGS-22980"
},
{
"category": "external",
"summary": "OCPBUGS-23027",
"url": "https://issues.redhat.com/browse/OCPBUGS-23027"
},
{
"category": "external",
"summary": "OCPBUGS-23035",
"url": "https://issues.redhat.com/browse/OCPBUGS-23035"
},
{
"category": "external",
"summary": "OCPBUGS-23045",
"url": "https://issues.redhat.com/browse/OCPBUGS-23045"
},
{
"category": "external",
"summary": "OCPBUGS-23111",
"url": "https://issues.redhat.com/browse/OCPBUGS-23111"
},
{
"category": "external",
"summary": "OCPBUGS-23124",
"url": "https://issues.redhat.com/browse/OCPBUGS-23124"
},
{
"category": "external",
"summary": "OCPBUGS-23142",
"url": "https://issues.redhat.com/browse/OCPBUGS-23142"
},
{
"category": "external",
"summary": "OCPBUGS-23157",
"url": "https://issues.redhat.com/browse/OCPBUGS-23157"
},
{
"category": "external",
"summary": "OCPBUGS-23243",
"url": "https://issues.redhat.com/browse/OCPBUGS-23243"
},
{
"category": "external",
"summary": "OCPBUGS-23270",
"url": "https://issues.redhat.com/browse/OCPBUGS-23270"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7315.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.14.3 bug fix and security update",
"tracking": {
"current_release_date": "2024-12-18T04:56:31+00:00",
"generator": {
"date": "2024-12-18T04:56:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:7315",
"initial_release_date": "2023-11-21T11:26:31+00:00",
"revision_history": [
{
"date": "2023-11-21T11:26:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-21T11:26:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:56:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.14",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.14::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.14",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.14::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"product": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"product_id": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-etcd-rhel8-operator\u0026tag=v4.14.0-202311090332.p0.g6bc9eab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"product": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"product_id": "openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-monitoring-operator\u0026tag=v4.14.0-202311140909.p0.g94ddd62.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"product": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"product_id": "openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-operator\u0026tag=v4.14.0-202311141210.p0.g1e657ec.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"product": {
"name": "openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"product_id": "openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-manila-rhel8\u0026tag=v4.14.0-202311092032.p0.gaf51129.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"product": {
"name": "openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"product_id": "openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-manila-rhel8-operator\u0026tag=v4.14.0-202311131337.p0.gac1cd21.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"product": {
"name": "openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"product_id": "openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/driver-toolkit-rhel9\u0026tag=v4.14.0-202311142208.p0.gcafed17.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"product": {
"name": "openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"product_id": "openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-kuryr-cni-rhel8\u0026tag=v4.14.0-202311082008.p0.g8926a29.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"product": {
"name": "openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"product_id": "openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-kuryr-controller-rhel8\u0026tag=v4.14.0-202311082008.p0.g8926a29.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"product": {
"name": "openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"product_id": "openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.14.0-202311081132.p0.g60b4100.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"product": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"product_id": "openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube-rhel9\u0026tag=v4.14.0-202311082008.p0.gb49f9d1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"product": {
"name": "openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"product_id": "openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-pod\u0026tag=v4.14.0-202311082008.p0.gb49f9d1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"product": {
"name": "openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"product_id": "openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-docker-registry\u0026tag=v4.14.0-202311081250.p0.g690b5a2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"product": {
"name": "openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"product_id": "openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.14.0-202311132210.p0.g8475523.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"product_id": "openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-installer-rhel8\u0026tag=v4.14.0-202311100250.p0.gcebc8ab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"product": {
"name": "openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"product_id": "openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-container-networking-plugins-rhel8\u0026tag=v4.14.0-202311100932.p0.g7295a5e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"product": {
"name": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"product_id": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-shared-resource-rhel8\u0026tag=v4.14.0-202311092032.p0.g3ffcdcf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"product": {
"name": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"product_id": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-shared-resource-operator-rhel8\u0026tag=v4.14.0-202311130809.p0.ga351354.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"product": {
"name": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"product_id": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-shared-resource-webhook-rhel8\u0026tag=v4.14.0-202311092032.p0.g3ffcdcf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"product": {
"name": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"product_id": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-gcp-cluster-api-controllers-rhel8\u0026tag=v4.14.0-202311080350.p0.gd99fb31.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"product": {
"name": "openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"product_id": "openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-hypershift-rhel8\u0026tag=v4.14.0-202311150808.p0.g8551bc6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"product": {
"name": "openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"product_id": "openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-installer-artifacts\u0026tag=v4.14.0-202311100250.p0.gcebc8ab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"product": {
"name": "openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"product_id": "openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.14.0-202311100250.p0.gcebc8ab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"product": {
"name": "openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"product_id": "openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-machine-api-operator\u0026tag=v4.14.0-202311130809.p0.ge8e6a66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"product": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"product_id": "openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-machine-os-images-rhel8\u0026tag=v4.14.0-202311100250.p0.gd3a4a6c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"product": {
"name": "openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"product_id": "openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-multus-networkpolicy-rhel8\u0026tag=v4.14.0-202311100750.p0.g2440eeb.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.14.0-202311090250.p0.g64dbc3b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"product": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"product_id": "openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-apiserver-rhel8\u0026tag=v4.14.0-202311080850.p0.g8e1cc19.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"product": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-openstack-cinder-csi-driver-rhel8\u0026tag=v4.14.0-202311092032.p0.gaf51129.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"product": {
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"product_id": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-openstack-cloud-controller-manager-rhel8\u0026tag=v4.14.0-202311092032.p0.gaf51129.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"product": {
"name": "openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"product_id": "openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-k8s-prometheus-adapter\u0026tag=v4.14.0-202311100750.p0.g801a912.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le",
"product": {
"name": "openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le",
"product_id": "openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-service-ca-operator\u0026tag=v4.14.0-202311081632.p0.g3c3f82f.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"product": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"product_id": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-etcd-rhel8-operator\u0026tag=v4.14.0-202311090332.p0.g6bc9eab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"product": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"product_id": "openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-monitoring-operator\u0026tag=v4.14.0-202311140909.p0.g94ddd62.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"product": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"product_id": "openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-operator\u0026tag=v4.14.0-202311141210.p0.g1e657ec.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"product": {
"name": "openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"product_id": "openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-manila-rhel8\u0026tag=v4.14.0-202311092032.p0.gaf51129.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"product": {
"name": "openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"product_id": "openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-manila-rhel8-operator\u0026tag=v4.14.0-202311131337.p0.gac1cd21.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"product": {
"name": "openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"product_id": "openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"product_identification_helper": {
"purl": "pkg:oci/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/driver-toolkit-rhel9\u0026tag=v4.14.0-202311142208.p0.gcafed17.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"product": {
"name": "openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"product_id": "openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ironic-rhel9\u0026tag=v4.14.0-202311130809.p0.g5ec3ad0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"product": {
"name": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"product_id": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ironic-machine-os-downloader-rhel9\u0026tag=v4.14.0-202311142208.p0.g7b56c30.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"product": {
"name": "openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"product_id": "openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-kuryr-cni-rhel8\u0026tag=v4.14.0-202311082008.p0.g8926a29.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"product": {
"name": "openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"product_id": "openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-kuryr-controller-rhel8\u0026tag=v4.14.0-202311082008.p0.g8926a29.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"product": {
"name": "openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"product_id": "openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.14.0-202311081132.p0.g60b4100.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"product": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"product_id": "openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube-rhel9\u0026tag=v4.14.0-202311082008.p0.gb49f9d1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"product": {
"name": "openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"product_id": "openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-pod\u0026tag=v4.14.0-202311082008.p0.gb49f9d1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"product": {
"name": "openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"product_id": "openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-docker-registry\u0026tag=v4.14.0-202311081250.p0.g690b5a2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"product": {
"name": "openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"product_id": "openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.14.0-202311132210.p0.g8475523.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"product": {
"name": "openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"product_id": "openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-aws-pod-identity-webhook-rhel8\u0026tag=v4.14.0-202311131533.p0.g3aa931a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"product_id": "openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-installer-rhel8\u0026tag=v4.14.0-202311100250.p0.gcebc8ab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"product": {
"name": "openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"product_id": "openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-container-networking-plugins-rhel8\u0026tag=v4.14.0-202311100932.p0.g7295a5e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"product": {
"name": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"product_id": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-shared-resource-rhel8\u0026tag=v4.14.0-202311092032.p0.g3ffcdcf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"product": {
"name": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"product_id": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-shared-resource-operator-rhel8\u0026tag=v4.14.0-202311130809.p0.ga351354.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"product": {
"name": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"product_id": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-shared-resource-webhook-rhel8\u0026tag=v4.14.0-202311092032.p0.g3ffcdcf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"product": {
"name": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"product_id": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-gcp-cluster-api-controllers-rhel8\u0026tag=v4.14.0-202311080350.p0.gd99fb31.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"product": {
"name": "openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"product_id": "openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-hypershift-rhel8\u0026tag=v4.14.0-202311150808.p0.g8551bc6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"product": {
"name": "openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"product_id": "openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-installer-artifacts\u0026tag=v4.14.0-202311100250.p0.gcebc8ab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"product": {
"name": "openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"product_id": "openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.14.0-202311100250.p0.gcebc8ab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64",
"product": {
"name": "openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64",
"product_id": "openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-api-operator\u0026tag=v4.14.0-202311130809.p0.ge8e6a66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"product": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"product_id": "openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-os-images-rhel8\u0026tag=v4.14.0-202311100250.p0.gd3a4a6c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"product": {
"name": "openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"product_id": "openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-multus-networkpolicy-rhel8\u0026tag=v4.14.0-202311100750.p0.g2440eeb.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.14.0-202311090250.p0.g64dbc3b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"product": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"product_id": "openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-apiserver-rhel8\u0026tag=v4.14.0-202311080850.p0.g8e1cc19.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"product": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-openstack-cinder-csi-driver-rhel8\u0026tag=v4.14.0-202311092032.p0.gaf51129.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"product": {
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"product_id": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-openstack-cloud-controller-manager-rhel8\u0026tag=v4.14.0-202311092032.p0.gaf51129.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"product": {
"name": "openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"product_id": "openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-k8s-prometheus-adapter\u0026tag=v4.14.0-202311100750.p0.g801a912.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"product": {
"name": "openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"product_id": "openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-service-ca-operator\u0026tag=v4.14.0-202311081632.p0.g3c3f82f.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"product": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"product_id": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-etcd-rhel8-operator\u0026tag=v4.14.0-202311090332.p0.g6bc9eab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"product": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"product_id": "openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-monitoring-operator\u0026tag=v4.14.0-202311140909.p0.g94ddd62.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"product": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"product_id": "openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-operator\u0026tag=v4.14.0-202311141210.p0.g1e657ec.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"product": {
"name": "openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"product_id": "openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/driver-toolkit-rhel9\u0026tag=v4.14.0-202311142208.p0.gcafed17.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"product": {
"name": "openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"product_id": "openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.14.0-202311081132.p0.g60b4100.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"product": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"product_id": "openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube-rhel9\u0026tag=v4.14.0-202311082008.p0.gb49f9d1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"product": {
"name": "openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"product_id": "openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-pod\u0026tag=v4.14.0-202311082008.p0.gb49f9d1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"product": {
"name": "openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"product_id": "openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-docker-registry\u0026tag=v4.14.0-202311081250.p0.g690b5a2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"product": {
"name": "openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"product_id": "openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.14.0-202311132210.p0.g8475523.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"product_id": "openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-installer-rhel8\u0026tag=v4.14.0-202311100250.p0.gcebc8ab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"product": {
"name": "openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"product_id": "openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-container-networking-plugins-rhel8\u0026tag=v4.14.0-202311100932.p0.g7295a5e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"product": {
"name": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"product_id": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-shared-resource-rhel8\u0026tag=v4.14.0-202311092032.p0.g3ffcdcf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"product": {
"name": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"product_id": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-shared-resource-operator-rhel8\u0026tag=v4.14.0-202311130809.p0.ga351354.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"product": {
"name": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"product_id": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-shared-resource-webhook-rhel8\u0026tag=v4.14.0-202311092032.p0.g3ffcdcf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"product": {
"name": "openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"product_id": "openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-hypershift-rhel8\u0026tag=v4.14.0-202311150808.p0.g8551bc6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"product": {
"name": "openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"product_id": "openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-installer-artifacts\u0026tag=v4.14.0-202311100250.p0.gcebc8ab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"product": {
"name": "openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"product_id": "openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.14.0-202311100250.p0.gcebc8ab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"product": {
"name": "openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"product_id": "openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-machine-api-operator\u0026tag=v4.14.0-202311130809.p0.ge8e6a66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"product": {
"name": "openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"product_id": "openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-multus-networkpolicy-rhel8\u0026tag=v4.14.0-202311100750.p0.g2440eeb.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.14.0-202311090250.p0.g64dbc3b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"product": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"product_id": "openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-apiserver-rhel8\u0026tag=v4.14.0-202311080850.p0.g8e1cc19.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"product": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-openstack-cinder-csi-driver-rhel8\u0026tag=v4.14.0-202311092032.p0.gaf51129.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"product": {
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"product_id": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-openstack-cloud-controller-manager-rhel8\u0026tag=v4.14.0-202311092032.p0.gaf51129.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"product": {
"name": "openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"product_id": "openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-k8s-prometheus-adapter\u0026tag=v4.14.0-202311100750.p0.g801a912.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"product": {
"name": "openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"product_id": "openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-service-ca-operator\u0026tag=v4.14.0-202311081632.p0.g3c3f82f.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"product": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"product_id": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-etcd-rhel8-operator\u0026tag=v4.14.0-202311090332.p0.g6bc9eab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"product": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"product_id": "openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-monitoring-operator\u0026tag=v4.14.0-202311140909.p0.g94ddd62.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"product": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"product_id": "openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-operator\u0026tag=v4.14.0-202311141210.p0.g1e657ec.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"product": {
"name": "openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"product_id": "openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/driver-toolkit-rhel9\u0026tag=v4.14.0-202311142208.p0.gcafed17.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64",
"product": {
"name": "openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64",
"product_id": "openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-ironic-rhel9\u0026tag=v4.14.0-202311130809.p0.g5ec3ad0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"product": {
"name": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"product_id": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-ironic-machine-os-downloader-rhel9\u0026tag=v4.14.0-202311142208.p0.g7b56c30.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"product": {
"name": "openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"product_id": "openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.14.0-202311081132.p0.g60b4100.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"product": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"product_id": "openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-hyperkube-rhel9\u0026tag=v4.14.0-202311082008.p0.gb49f9d1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"product": {
"name": "openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"product_id": "openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-pod\u0026tag=v4.14.0-202311082008.p0.gb49f9d1.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"product": {
"name": "openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"product_id": "openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-docker-registry\u0026tag=v4.14.0-202311081250.p0.g690b5a2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"product": {
"name": "openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"product_id": "openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.14.0-202311132210.p0.g8475523.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"product": {
"name": "openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"product_id": "openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-aws-pod-identity-webhook-rhel8\u0026tag=v4.14.0-202311131533.p0.g3aa931a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"product_id": "openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-installer-rhel8\u0026tag=v4.14.0-202311100250.p0.gcebc8ab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64",
"product": {
"name": "openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64",
"product_id": "openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-container-networking-plugins-rhel8\u0026tag=v4.14.0-202311100932.p0.g7295a5e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"product": {
"name": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"product_id": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-shared-resource-rhel8\u0026tag=v4.14.0-202311092032.p0.g3ffcdcf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"product": {
"name": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"product_id": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-shared-resource-operator-rhel8\u0026tag=v4.14.0-202311130809.p0.ga351354.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"product": {
"name": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"product_id": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-csi-driver-shared-resource-webhook-rhel8\u0026tag=v4.14.0-202311092032.p0.g3ffcdcf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"product": {
"name": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"product_id": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-gcp-cluster-api-controllers-rhel8\u0026tag=v4.14.0-202311080350.p0.gd99fb31.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"product": {
"name": "openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"product_id": "openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-hypershift-rhel8\u0026tag=v4.14.0-202311150808.p0.g8551bc6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"product": {
"name": "openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"product_id": "openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-installer-artifacts\u0026tag=v4.14.0-202311100250.p0.gcebc8ab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"product": {
"name": "openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"product_id": "openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.14.0-202311100250.p0.gcebc8ab.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"product": {
"name": "openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"product_id": "openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-api-operator\u0026tag=v4.14.0-202311130809.p0.ge8e6a66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"product": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"product_id": "openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-os-images-rhel8\u0026tag=v4.14.0-202311100250.p0.gd3a4a6c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"product": {
"name": "openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"product_id": "openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-multus-networkpolicy-rhel8\u0026tag=v4.14.0-202311100750.p0.g2440eeb.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-network-metrics-daemon-rhel8\u0026tag=v4.14.0-202311090250.p0.g64dbc3b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"product": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"product_id": "openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-openshift-apiserver-rhel8\u0026tag=v4.14.0-202311080850.p0.g8e1cc19.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"product": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-openstack-cinder-csi-driver-rhel8\u0026tag=v4.14.0-202311092032.p0.gaf51129.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"product": {
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"product_id": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-openstack-cloud-controller-manager-rhel8\u0026tag=v4.14.0-202311092032.p0.gaf51129.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"product": {
"name": "openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"product_id": "openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-k8s-prometheus-adapter\u0026tag=v4.14.0-202311100750.p0.g801a912.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"product": {
"name": "openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"product_id": "openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-service-ca-operator\u0026tag=v4.14.0-202311081632.p0.g3c3f82f.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64"
},
"product_reference": "openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64"
},
"product_reference": "openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64"
},
"product_reference": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64"
},
"product_reference": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x"
},
"product_reference": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le"
},
"product_reference": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64"
},
"product_reference": "openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le"
},
"product_reference": "openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64"
},
"product_reference": "openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x"
},
"product_reference": "openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le"
},
"product_reference": "openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x"
},
"product_reference": "openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64"
},
"product_reference": "openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64"
},
"product_reference": "openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x"
},
"product_reference": "openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64"
},
"product_reference": "openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le"
},
"product_reference": "openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64"
},
"product_reference": "openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le"
},
"product_reference": "openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64"
},
"product_reference": "openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le"
},
"product_reference": "openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64"
},
"product_reference": "openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le"
},
"product_reference": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x"
},
"product_reference": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64"
},
"product_reference": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64"
},
"product_reference": "openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le"
},
"product_reference": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64"
},
"product_reference": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64"
},
"product_reference": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x"
},
"product_reference": "openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x"
},
"product_reference": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64"
},
"product_reference": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le"
},
"product_reference": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64"
},
"product_reference": "openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64"
},
"product_reference": "openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64"
},
"product_reference": "openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x"
},
"product_reference": "openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le"
},
"product_reference": "openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le"
},
"product_reference": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64"
},
"product_reference": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64"
},
"product_reference": "openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le"
},
"product_reference": "openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x"
},
"product_reference": "openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64"
},
"product_reference": "openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64"
},
"product_reference": "openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64"
},
"product_reference": "openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x"
},
"product_reference": "openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le"
},
"product_reference": "openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64"
},
"product_reference": "openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64"
},
"product_reference": "openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64"
},
"product_reference": "openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le"
},
"product_reference": "openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x"
},
"product_reference": "openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x"
},
"product_reference": "openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64"
},
"product_reference": "openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64"
},
"product_reference": "openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le"
},
"product_reference": "openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64"
},
"product_reference": "openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le"
},
"product_reference": "openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64"
},
"product_reference": "openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le"
},
"product_reference": "openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x"
},
"product_reference": "openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64"
},
"product_reference": "openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le"
},
"product_reference": "openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64"
},
"product_reference": "openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le"
},
"product_reference": "openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64"
},
"product_reference": "openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64"
},
"product_reference": "openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64"
},
"product_reference": "openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x"
},
"product_reference": "openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64"
},
"product_reference": "openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le"
},
"product_reference": "openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64"
},
"product_reference": "openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x"
},
"product_reference": "openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64"
},
"product_reference": "openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le"
},
"product_reference": "openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x"
},
"product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64"
},
"product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64"
},
"product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le"
},
"product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x"
},
"product_reference": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le"
},
"product_reference": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64"
},
"product_reference": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64"
},
"product_reference": "openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x"
},
"product_reference": "openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64"
},
"product_reference": "openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64"
},
"product_reference": "openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le"
},
"product_reference": "openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64"
},
"product_reference": "openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x"
},
"product_reference": "openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64"
},
"product_reference": "openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le"
},
"product_reference": "openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64"
},
"product_reference": "openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le"
},
"product_reference": "openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64"
},
"product_reference": "openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x"
},
"product_reference": "openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le"
},
"product_reference": "openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64"
},
"product_reference": "openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x"
},
"product_reference": "openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64"
},
"product_reference": "openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le"
},
"product_reference": "openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x"
},
"product_reference": "openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64"
},
"product_reference": "openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64"
},
"product_reference": "openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64"
},
"product_reference": "openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64"
},
"product_reference": "openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le"
},
"product_reference": "openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x"
},
"product_reference": "openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64"
},
"product_reference": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64"
},
"product_reference": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64"
},
"product_reference": "openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64 as a component of Red Hat OpenShift Container Platform 4.14",
"product_id": "9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64"
},
"product_reference": "openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64",
"relates_to_product_reference": "9Base-RHOSE-4.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3978",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang HTML package where it is vulnerable to Cross-site scripting caused by the improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim\u0027s web browser within the security context of the hosting website once the URL is clicked. The flaw allows an attacker to steal the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Cross site scripting",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64"
],
"known_not_affected": [
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3978"
},
{
"category": "external",
"summary": "RHBZ#2228689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3978"
},
{
"category": "external",
"summary": "https://go.dev/cl/514896",
"url": "https://go.dev/cl/514896"
},
{
"category": "external",
"summary": "https://go.dev/issue/61615",
"url": "https://go.dev/issue/61615"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1988",
"url": "https://pkg.go.dev/vuln/GO-2023-1988"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-21T11:26:31+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\n https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha values for the release are\n\n (For x86_64 architecture)\n The image digest is sha256:e73ab4b33a9c3ff00c9f800a38d69853ca0c4dfa5a88e3df331f66df8f18ec55\n\n (For s390x architecture)\n The image digest is sha256:300ab8d800e202b21096b5ecf742d39b433086b1de5b55b26b483eb09001c40e\n\n (For ppc64le architecture)\n The image digest is sha256:2331de76ca0948df812afa82f02d3a501c86b03d196410e21b5064fcf94cde35\n\n (For aarch64 architecture)\n The image digest is sha256:8a1d195efbc3caf07a47b4d285166cd7c73337c90f191986bec8beb6ee27b4f4\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7315"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/html: Cross site scripting"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-21T11:26:31+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\n https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha values for the release are\n\n (For x86_64 architecture)\n The image digest is sha256:e73ab4b33a9c3ff00c9f800a38d69853ca0c4dfa5a88e3df331f66df8f18ec55\n\n (For s390x architecture)\n The image digest is sha256:300ab8d800e202b21096b5ecf742d39b433086b1de5b55b26b483eb09001c40e\n\n (For ppc64le architecture)\n The image digest is sha256:2331de76ca0948df812afa82f02d3a501c86b03d196410e21b5064fcf94cde35\n\n (For aarch64 architecture)\n The image digest is sha256:8a1d195efbc3caf07a47b4d285166cd7c73337c90f191986bec8beb6ee27b4f4\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7315"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64"
],
"known_not_affected": [
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-21T11:26:31+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\n https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha values for the release are\n\n (For x86_64 architecture)\n The image digest is sha256:e73ab4b33a9c3ff00c9f800a38d69853ca0c4dfa5a88e3df331f66df8f18ec55\n\n (For s390x architecture)\n The image digest is sha256:300ab8d800e202b21096b5ecf742d39b433086b1de5b55b26b483eb09001c40e\n\n (For ppc64le architecture)\n The image digest is sha256:2331de76ca0948df812afa82f02d3a501c86b03d196410e21b5064fcf94cde35\n\n (For aarch64 architecture)\n The image digest is sha256:8a1d195efbc3caf07a47b4d285166cd7c73337c90f191986bec8beb6ee27b4f4\n\nAll OpenShift Container Platform 4.14 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7315"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:1edbd96f70f64135d6ea8bbbfa8afe73b8fdb10062c88167aef825d19caa881a_amd64",
"8Base-RHOSE-4.14:openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:d2b9f1ca058a89a649ddad44b251f35fda5b52b725c496d769a71e46dab73170_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:32889e3e6c7e74ff6a9a19a58b5a4d0f04b24081dcd7b69a3f9a4cbf9f0e88b1_arm64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:784175e0ab5456487635167044940297359fd6554fa1ffa38126926cd83fc483_amd64",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:7d2e13a2934ea3e20cfac8b58e51514d0411b1023e36d9a4c03d198bc34666e5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-baremetal-installer-rhel8@sha256:cc4d3838ef3c4b9a5d5ffa05ae829c1de7022c8cc16f9d785a161b9c90b8dd49_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:58f2369af42352c8fa2b731fbf55343ed160c881673e2501fab2b1176a9b32ec_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:68cffb4387c4d114894666c98db66b8febd2b80812c1773c2ed3cad7f9bd1756_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:cc062bdd692eb4933b7496412d5122fa6d185295ad65cb18d9fb06a417ddf33a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-cluster-etcd-rhel8-operator@sha256:ffd89303a3766bc4aeb2bc18b3d81249f59e5eec9cc7ee0bf1cff446d162515e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:12cbf97240f7d3903de177c03adf888604c7c8deace205493cc59043c9b65280_arm64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:1556e2ac5158eaa5b31eca00997dcc0cb3ad01e69ab1dd96c7d3dc123dbeab13_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:3d096e082dc5241bddd6c495b2a634334831287b9b472a52389c9d287c682ff5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-cluster-monitoring-operator@sha256:faa7ded3f5ad71545ab11707594dd1d171fbb1491886a9705d2702c8f00934d6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:0009c2c68fc28070147403fe282488b300fbdfa4589cab50822c20515951d117_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:079a8d5464451a6e6122b3c4804d561e8319cb755feebd32bfbe2525b0efaad6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:5ab1254cac9d0cb03ba2ca2f6dcc9bd701ffac0ab2e00ddf515fd414203754d7_amd64",
"8Base-RHOSE-4.14:openshift4/ose-console@sha256:c10561d95ba2e669c4e1b9519ab951f4dd079a4cf9681138ddaadd10f283ea5e_arm64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:0c751c2ad31d7927996ddd5eedb4e7dc5ea1dae8e0dea63d391cf62e26335263_s390x",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:6825e9af741f952625fdb29be751c0d68892b4a6322146179bab4a0b51c7dd20_amd64",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:b3654ab2f770cf120df8ba5d7c9692fe008c278be451243fc6ae9e7502a4011c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-container-networking-plugins-rhel8@sha256:c2017633e954d9ea31cda0ebaf0b7b9a7d104822d9c9f05bfd787c390a8bff92_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:2829e0d889dd01d5c3e749f56f05b0b9f2d0ff6cf50c737cf3dee3de0b6ee9aa_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:587172fe198d5ce607340126a8849704666b1b419615da7d91e452d8a92f0ae4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:6a4105fe6895e0286fbddb1259efba92296971c70da74355e4766dce058f77c0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-manila-rhel8@sha256:8edbf045ddd5e2f17049b217ed296aa63bbfcedfdca64106338b2af2b3b595a2_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:13b0aeb65343b2c89b857644d0937f4369dcf031794e83cc6eac05b97e0c6ba8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:22b4c859f9799a20be5ab0f1427a76335e1cfc38a53e0884488527f1152648d4_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:88b195cca5b8bf890339e1e8099452825d32f275d22be06f82b8d6a7cc61e2be_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:f5827fd44208d5f72d8cfd1d1bce591f2d363178cca2425bf772c46f8cfdae91_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:0ba098f1536322f94fae0b2261e7d5120a42bb7f48014dadebc6cc4caecf21ab_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:316f8b055e1db6cb49c8b51f6f739f3c10db58d65aeced241f61bf98e926192e_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:9121f84fe1515c3208c3a00f9dc4e1edc786cb3beda5a6c756922b81f7582e80_arm64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:99e5a299867c6c5f7fd8b11c0672e729c2af66296b940a129958650200cc1c21_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1fad0bbcb5085ad03e2682d80aa7294cf337b75e1cc99f00d9bca9d799c44a2c_s390x",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:28cc16e08dd3f481c144c1dfd3944ddcb0adea61d7255f8b70320570e761c8ad_amd64",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:63784fb04c329c4f870791c57978f8d842cdcf41e42a6d367fd924cd6fd54044_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:83469a38dcf61eb8f1830dea9db3ecdbac002e592c9456917663df84212d2531_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:067fb89783dbfe45b5f7fbed6c3513c37d1e4ab32e253fcec0894875874d28e9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:a172c79e68f96fda7805585c69696b3584677ec2658841301b74c536848b8979_amd64",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:c50a291182e7f9e0cf59e871c410586152576468e9eb9bbbb47732de3d77151d_s390x",
"8Base-RHOSE-4.14:openshift4/ose-docker-registry@sha256:debe7b0543b2035cdf60e8e95c8190a2708c707541ccdb5fa2c8f58e0952856e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:46de5c63eb0d8545b1d5962e02f54643751d2130c336da676348a591c53e5751_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:8dc562a0fdd1f4248feffc1e754745ced95d5aec6a943168e7345ca7a1f0a6d4_amd64",
"8Base-RHOSE-4.14:openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:bace4fc8f73798419d557c81ed1e90873170fe62d2edf611299b83c355ecf06c_arm64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:2f0689d3588c92aca7c8b93e5a5b28c0540d1379f96bf141f6bf1649bb98ebad_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:880b1d19e32f3f3c2aa31d8009e364c09292cb5ac01bf8b52ff4648f23bd6ce6_s390x",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:d8313cdf16700dc5ac690c577fe7c78b14c0a24f999733d06bf9bae2a5072dee_amd64",
"8Base-RHOSE-4.14:openshift4/ose-hypershift-rhel8@sha256:f1f4a81a7cbfcecffae4ce3b938ccfa471e2164598195c105d8eb3459a60db7d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:2ba28613e4ce09e52a73019289f9307e32c10e75d662015b4f06cfe92e15ac32_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:42730209d74d5323e5ff055dcfb3cafdc47ff052611a4a23833c32c5380f04c0_s390x",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:577c0df8d45246f563b4a098fcd6b91e27fb26eded8e61e03aa9e9ed048c2228_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer-artifacts@sha256:cf0933b0ac2c241dc3e758cd29907b22ca7b59843eab8b4a43679d2eb09ac7c6_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:572225d6c93a3bfd13c0950315160ef4de8063ca7c4cc4639424afe0997b7aa6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:7663173c9782a29e9f8c931d971bcd5e3e63e223d6019c30f6fcc65d613d55fb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:a841ffade54d12c732da650480b1c3a7a768f964ab1f09b14c5ec7f8a110f35c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-installer@sha256:b4a52c0d96ba6a977816f280748bda13c499a3acb4e3be68e9e9df3443fc4a83_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:026cffc5f057d30eafb7f0e75b29f5c17a4290dc38737531ec0e70f703420bc3_s390x",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:8af5bbd5348beb02c1dd565e4e000782c2f0ee68c6c0289f342620acf51fb175_arm64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:ad20f8b12a690cb73a544dc35174340c7b896ec3b9ca94fd864ef884f23dc86d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-k8s-prometheus-adapter@sha256:f70fa7d2a167ed4358b7050c41a07d3ffcce1fe64aa64060029d581330df532f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:3ed8f193cd5d3f52c5eeb66df9c44f3f68cdb90adb346d726daf4fbc7ad072bb_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-cni-rhel8@sha256:de869399e58a54bc76ca46b4431d7d310e4279b5f01ae19890064451d0b9468b_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:1f8ffb6009d50dfa5101abf26a80f0f8be44529f314d6bfe0ea03512926d058b_amd64",
"8Base-RHOSE-4.14:openshift4/ose-kuryr-controller-rhel8@sha256:6c190d0d37ec5a822954509689e9aa8a5d4a98e6a2885923da1822523e2cfb2e_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:755d0f794c440d32afd60ce2bd4983c9cf3363becae6e611fc6784e448ac1328_s390x",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:a9ec8ccc5d32336980b9e92814ec451c4851b4532b4700c1e640141f8bd49183_arm64",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:cd2d2851edb4c9666a0eb032e07bf2cb07723a72ae35cf109ee5a307aca6daf8_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-api-operator@sha256:eece8800b4cf063e1203132c9dba9364d904bc427228164e3088453d7ae7efae_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:27039fbb5a6823be034a46c591754f601ced02600227ec9e827bc8d4ffe991ee_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:69f23e8a3b24f38f3c57b1fc1084b42b03100dc71e626369a3992a4b47a6b5de_amd64",
"8Base-RHOSE-4.14:openshift4/ose-machine-os-images-rhel8@sha256:c5d1c78280f88bd8989dace00be9b0b4cdf0c03f6159b7e367241afc6e6f2be9_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:26559d1fa110081ec584e744a915964a73175abbd43cb155987788e9af1dc6a5_amd64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:6da272e9b3f8ac035999d475a01475f419de101233627eff9fb1fc79708fb389_s390x",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8412447454b801bc73d7a993b787c989d8ecc1812c3a4fc506e044dd190c7e50_arm64",
"8Base-RHOSE-4.14:openshift4/ose-multus-networkpolicy-rhel8@sha256:8d657db2d316d170aa58e1895369bb4d0a1995018fa31e8eda90db8129d3a7e3_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:2bbde5d22844f79ee08069be9d12ad61d8365b872e10bbd99d1d7a25b3c143c5_s390x",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:6ff789875d553ba1aa167b0c0268d31f1d7f6bb5fc1ed9ee4e99b3bbcf6a2b79_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:dcb2e4d0536ebead329ab0ce74a6612b41dee10dbf1e2d6409446ad8bcadb78d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-network-metrics-daemon-rhel8@sha256:facd71815f28f6514fc981ac60d60461024e573a7705c9cd1bb3786dd8cd6c95_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:31336303b00e5cc8d8bff1064b6be37d2892b16d012da30e23160d9aa6182060_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:73b5d3d85ca87f9dfde2e961cbebb79d67884cf07480135bff5df24d43aa13af_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:9b66eae476027e62a1d7c44b0eb8c1e2eebcd98207e8cef7932a5c541bc04109_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openshift-apiserver-rhel8@sha256:b957d2faeb4c2b83b9a265d64b984c6a525d4111aa6a96911fc3c36e9ab4f47d_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:111210b581f621282ee24e70ac1090eb1693595dc62594dd88efc0d4324d39a9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:2a3b0436d7dd8b82027048ea274911f56992b00e8d31d2633ddf2864de5d88f3_amd64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:938e90d52b7f40d755e0638592a03d2ec46c35dece02110f3e2c9921cf2b5879_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:b6e66b78e7b641908eaca5b11f80fe39d7c620d4525143790c864a785bfdae4f_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:1d7519691fb8f7761927f58cc3c192452418e914584ede9999be84c66877bdb9_s390x",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:7fd0efecdc77c70010ebfabfdffc47df617184eaf02503c631003ce6719862e0_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:9f2a9a1e4d64ed3d90bc49207d2a62a08678f6e5103cb43ee6efeae51caf0e9d_arm64",
"8Base-RHOSE-4.14:openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:b7e493abd5a12b988d1586b433ffecebc5af52bc5357a2d6be2307d45527519d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:372ce069203ba79dea544e5cb4363d66b968e7e2e94e8eeef6dc76755edcfa3a_s390x",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:44cf90fa2c8a7fcf25cda5280b6aabac79e66f434e33f5341fe868db3d0c779c_amd64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:6023ecae84621e486a0cd91862cee8dfe1a7e0d2bbcbe237f7a6171396468ac6_arm64",
"8Base-RHOSE-4.14:openshift4/ose-pod@sha256:8c253241e494712e094b61609b27485f3496955898ce810a41de4040b58accf1_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:753e1cdee8fe91d302378a5086f63b0456e2ca6623db27980da19fb87404ba1d_amd64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:95ac59984a73d14dd5e3fc7ae86243d00b70e66a40a656d3ff61091372943c73_s390x",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:dc539ba93e46d99388f387b7f9cf08052a56bb0c3189fb09818ecec06b1fc934_arm64",
"8Base-RHOSE-4.14:openshift4/ose-service-ca-operator@sha256:e9c6b11129df5681f78abbf3c26db395c369dc8e804b8bfc663afce6950c601c_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:066003b8d615e2883aab0550f347ee0e25cd7b8c7b24a80742272f4acb7e2968_amd64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2708e7f8a0f469b413b91b6e4849828bd1506d651d28e4d60341ce3d70d0de20_ppc64le",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:2dc438aadd6898347a48ddfc6e903da4482b58b39f627b09915b91833540b42b_arm64",
"8Base-RHOSE-4.14:openshift4/ose-tests@sha256:ff1fced76dfdc57bb4a243de22e7c27a76ee67651a4971e68b4424557a8e7c52_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:3c774fa85ae1c6ef8926e9a1f1a1831ed0474511a6c1975fe24fcbd6cc118edc_ppc64le",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:5d8f215f79ae57a23d2627062e6ee08c48bf77ae17e1ac969d5cc0b6ce5295a4_arm64",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:c6896bab5071ff6839b2cfb66544c9a6617428069f3ad8b2d3710d66ad88676d_s390x",
"9Base-RHOSE-4.14:openshift4/driver-toolkit-rhel9@sha256:fca57a24b162f5e51f6d5c77d0867618ef9c08d23c27fc25f5bf3fcda602b134_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:3d183a462d7b0ef842018e9901e6bef07406dae30d37410a1bef2ac5cd37def8_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d705034c2adca20d90af7452de521d75b954d09e09bcbed0720ff00c05bf329e_s390x",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:d81633a941c074b3d036e7785e41abb46887012899dba9b89b531c283a0b9480_amd64",
"9Base-RHOSE-4.14:openshift4/ose-cluster-node-tuning-operator@sha256:de68d103ba913414c9000762bcecb64a3bdc7f15a0572d321f7485c3943b1fbb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4ae6c4725722b7f0040d58c455a0a320e86cbaec5a9899b392750dcdadd7d5e7_amd64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:4eddf487d75891dc19ba0c16d655eda2416f8b6f293801c8e55f1f00aa8f8dfb_arm64",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:53e0fa75579250d9e66b7c394a597f538a1e3909956a0b2928eb35b9007f1ddc_ppc64le",
"9Base-RHOSE-4.14:openshift4/ose-hyperkube-rhel9@sha256:5d6d34f3d4d89b63cd67396e3012af24033a29eec6f08deffc3df05c42842b74_s390x",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:160fd3de1bca1228e0cd69b81674f73572eb88220c9ae2e2c43772fbedd6a86f_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:2a764e7c35d27cdd87479326ffbc2eaa85f8d81256fcc1415684d38e22a723c1_arm64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:a0e102e1360ac948b3de6d31dcdead02ee0046951bad4c5f2e499ba979572ac5_amd64",
"9Base-RHOSE-4.14:openshift4/ose-ironic-rhel9@sha256:c7e9b90fa91bef70de2f62346ba59ff87f580efb9931548622cc7e0cee0aa3ac_arm64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_7325
Vulnerability from csaf_redhat - Published: 2023-11-21 12:04 - Updated: 2024-12-17 02:54A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.src | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-core-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-debug-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-debug-core-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-devel-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-modules-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-modules-core-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-64k-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-abi-stablelists-0:5.14.0-284.41.1.el9_2.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debug-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debuginfo-common-aarch64-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debuginfo-common-ppc64le-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debuginfo-common-s390x-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-debuginfo-common-x86_64-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-doc-0:5.14.0-284.41.1.el9_2.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.src | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-debug-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-debug-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-debug-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-debug-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-debug-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-debug-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-debug-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-debug-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-debug-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-debug-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-debug-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-rt-selftests-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-zfcpdump-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-zfcpdump-core-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-zfcpdump-debuginfo-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-zfcpdump-devel-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-zfcpdump-devel-matched-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-zfcpdump-modules-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-zfcpdump-modules-core-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-zfcpdump-modules-extra-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-zfcpdump-modules-internal-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:kernel-zfcpdump-modules-partner-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.13:openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.13:openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.13:openstack-ironic-api-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.13:openstack-ironic-common-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.13:openstack-ironic-conductor-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.13:openstack-ironic-dnsmasq-tftp-server-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-IRONIC-4.13:python3-ironic-tests-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.13.23 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.13.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.23. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2023:7323\n\nSecurity Fix(es):\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS\nattack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7325",
"url": "https://access.redhat.com/errata/RHSA-2023:7325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7325.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.13.23 packages and security update",
"tracking": {
"current_release_date": "2024-12-17T02:54:09+00:00",
"generator": {
"date": "2024-12-17T02:54:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:7325",
"initial_release_date": "2023-11-21T12:04:13+00:00",
"revision_history": [
{
"date": "2023-11-21T12:04:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-21T12:04:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T02:54:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.13",
"product": {
"name": "Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.13::el9"
}
}
},
{
"category": "product_name",
"name": "Ironic content for Red Hat OpenShift Container Platform 4.13",
"product": {
"name": "Ironic content for Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-IRONIC-4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_ironic:4.13::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.13",
"product": {
"name": "Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.13::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.src",
"product": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.src",
"product_id": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.26.4-5.1.rhaos4.13.git969e013.el9?arch=src"
}
}
},
{
"category": "product_version",
"name": "kernel-0:5.14.0-284.41.1.el9_2.src",
"product": {
"name": "kernel-0:5.14.0-284.41.1.el9_2.src",
"product_id": "kernel-0:5.14.0-284.41.1.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@5.14.0-284.41.1.el9_2?arch=src"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.src",
"product": {
"name": "kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.src",
"product_id": "kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.41.1.rt14.326.el9_2?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.src",
"product": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.src",
"product_id": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.src",
"product": {
"name": "openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.src",
"product_id": "openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-ironic@21.3.1-0.20231106145533.e53dc4f.el9?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.src",
"product": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.src",
"product_id": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.26.4-5.1.rhaos4.13.git969e013.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.src",
"product": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.src",
"product_id": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"product": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"product_id": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.26.4-5.1.rhaos4.13.git969e013.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"product": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"product_id": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.26.4-5.1.rhaos4.13.git969e013.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"product_id": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.26.4-5.1.rhaos4.13.git969e013.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:7.0.0-284.41.1.el9_2.x86_64",
"product": {
"name": "bpftool-0:7.0.0-284.41.1.el9_2.x86_64",
"product_id": "bpftool-0:7.0.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@7.0.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-core-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-core-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-cross-headers@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-debug-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-debug-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel-matched@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-core@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-partner@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-debug-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-debug-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-uki-virt@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel-matched@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-ipaclones-internal@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-core@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-partner@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-tools-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-tools-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-uki-virt@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "perf-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "perf-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "python3-perf-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "python3-perf-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rtla-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "rtla-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "rtla-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rtla@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.x86_64",
"product": {
"name": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.x86_64",
"product_id": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@7.0.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product": {
"name": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product_id": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@5.14.0-284.41.1.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-debug-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel-matched@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-internal@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-partner@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel-matched@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-internal@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-partner@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-selftests-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-selftests-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-selftests-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-selftests-internal@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.41.1.rt14.326.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"product": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"product_id": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"product_id": "openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"product": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"product_id": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.26.4-5.1.rhaos4.13.git969e013.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"product": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"product_id": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.26.4-5.1.rhaos4.13.git969e013.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"product_id": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.26.4-5.1.rhaos4.13.git969e013.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"product_id": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"product": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"product_id": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.26.4-5.1.rhaos4.13.git969e013.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"product": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"product_id": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.26.4-5.1.rhaos4.13.git969e013.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"product": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"product_id": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.26.4-5.1.rhaos4.13.git969e013.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:7.0.0-284.41.1.el9_2.aarch64",
"product": {
"name": "bpftool-0:7.0.0-284.41.1.el9_2.aarch64",
"product_id": "bpftool-0:7.0.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@7.0.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-core@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-core@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-devel@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-devel-matched@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-modules@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-modules-core@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-modules-extra@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-modules-internal@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-modules-partner@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-devel@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-devel-matched@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-modules@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-modules-core@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-modules-extra@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-modules-internal@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-modules-partner@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-cross-headers@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel-matched@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-core@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-partner@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel-matched@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-core@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-partner@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-tools-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-tools-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "perf-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "perf-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "python3-perf-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "python3-perf-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rtla-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "rtla-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "rtla-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rtla@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.aarch64",
"product": {
"name": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.aarch64",
"product_id": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@7.0.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-debuginfo@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-64k-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-64k-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debuginfo@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-aarch64-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-debuginfo-common-aarch64-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-debuginfo-common-aarch64-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-aarch64@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product": {
"name": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_id": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@5.14.0-284.41.1.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.aarch64",
"product": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.aarch64",
"product_id": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"product": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"product_id": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.26.4-5.1.rhaos4.13.git969e013.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"product": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"product_id": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.26.4-5.1.rhaos4.13.git969e013.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"product": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"product_id": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.26.4-5.1.rhaos4.13.git969e013.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.aarch64",
"product": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.aarch64",
"product_id": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"product": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"product_id": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.26.4-5.1.rhaos4.13.git969e013.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"product": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"product_id": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.26.4-5.1.rhaos4.13.git969e013.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"product_id": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.26.4-5.1.rhaos4.13.git969e013.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:7.0.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "bpftool-0:7.0.0-284.41.1.el9_2.ppc64le",
"product_id": "bpftool-0:7.0.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@7.0.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-cross-headers@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-debug-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-debug-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel-matched@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-core@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-partner@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel-matched@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-ipaclones-internal@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-core@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-partner@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-tools-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-tools-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "python3-perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "python3-perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rtla-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "rtla-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "rtla-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rtla@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.ppc64le",
"product_id": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@7.0.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-ppc64le-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-debuginfo-common-ppc64le-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-debuginfo-common-ppc64le-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product": {
"name": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_id": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@5.14.0-284.41.1.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.ppc64le",
"product": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.ppc64le",
"product_id": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"product": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"product_id": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.26.4-5.1.rhaos4.13.git969e013.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"product": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"product_id": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.26.4-5.1.rhaos4.13.git969e013.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"product_id": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.26.4-5.1.rhaos4.13.git969e013.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.ppc64le",
"product": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.ppc64le",
"product_id": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"product": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"product_id": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.26.4-5.1.rhaos4.13.git969e013.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"product": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"product_id": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.26.4-5.1.rhaos4.13.git969e013.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"product": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"product_id": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.26.4-5.1.rhaos4.13.git969e013.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:7.0.0-284.41.1.el9_2.s390x",
"product": {
"name": "bpftool-0:7.0.0-284.41.1.el9_2.s390x",
"product_id": "bpftool-0:7.0.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@7.0.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-core-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-core-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-cross-headers@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-debug-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-debug-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel-matched@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-core@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-partner@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-devel-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-devel-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel-matched@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-headers-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-headers-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-modules-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-modules-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-core@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-partner@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-tools-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-tools-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-zfcpdump-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-zfcpdump-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-core-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-zfcpdump-core-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-zfcpdump-core-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-core@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-devel-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-zfcpdump-devel-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-zfcpdump-devel-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-devel@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-zfcpdump-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-zfcpdump-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-devel-matched@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-zfcpdump-modules-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-zfcpdump-modules-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-zfcpdump-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-zfcpdump-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-core@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-zfcpdump-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-zfcpdump-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-extra@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-zfcpdump-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-zfcpdump-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-internal@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-zfcpdump-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-zfcpdump-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-partner@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "perf-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "perf-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "perf-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "python3-perf-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "python3-perf-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rtla-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "rtla-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "rtla-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rtla@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.s390x",
"product": {
"name": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.s390x",
"product_id": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@7.0.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-s390x-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-debuginfo-common-s390x-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-debuginfo-common-s390x-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-s390x@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "kernel-zfcpdump-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "kernel-zfcpdump-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-debuginfo@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product": {
"name": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product_id": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@5.14.0-284.41.1.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.s390x",
"product": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.s390x",
"product_id": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"product": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"product_id": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.26.4-5.1.rhaos4.13.git969e013.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"product": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"product_id": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.26.4-5.1.rhaos4.13.git969e013.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"product": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"product_id": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.26.4-5.1.rhaos4.13.git969e013.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.s390x",
"product": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.s390x",
"product_id": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-abi-stablelists-0:5.14.0-284.41.1.el9_2.noarch",
"product": {
"name": "kernel-abi-stablelists-0:5.14.0-284.41.1.el9_2.noarch",
"product_id": "kernel-abi-stablelists-0:5.14.0-284.41.1.el9_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-abi-stablelists@5.14.0-284.41.1.el9_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:5.14.0-284.41.1.el9_2.noarch",
"product": {
"name": "kernel-doc-0:5.14.0-284.41.1.el9_2.noarch",
"product_id": "kernel-doc-0:5.14.0-284.41.1.el9_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@5.14.0-284.41.1.el9_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product": {
"name": "openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product_id": "openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-ironic@21.3.1-0.20231106145533.e53dc4f.el9?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-ironic-api-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product": {
"name": "openstack-ironic-api-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product_id": "openstack-ironic-api-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-ironic-api@21.3.1-0.20231106145533.e53dc4f.el9?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-ironic-common-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product": {
"name": "openstack-ironic-common-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product_id": "openstack-ironic-common-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-ironic-common@21.3.1-0.20231106145533.e53dc4f.el9?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-ironic-conductor-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product": {
"name": "openstack-ironic-conductor-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product_id": "openstack-ironic-conductor-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-ironic-conductor@21.3.1-0.20231106145533.e53dc4f.el9?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openstack-ironic-dnsmasq-tftp-server-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product": {
"name": "openstack-ironic-dnsmasq-tftp-server-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product_id": "openstack-ironic-dnsmasq-tftp-server-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-ironic-dnsmasq-tftp-server@21.3.1-0.20231106145533.e53dc4f.el9?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3-ironic-tests-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product": {
"name": "python3-ironic-tests-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product_id": "python3-ironic-tests-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ironic-tests@21.3.1-0.20231106145533.e53dc4f.el9?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64"
},
"product_reference": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le"
},
"product_reference": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x"
},
"product_reference": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.src as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.src"
},
"product_reference": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64"
},
"product_reference": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64"
},
"product_reference": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x"
},
"product_reference": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64"
},
"product_reference": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le"
},
"product_reference": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x"
},
"product_reference": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64"
},
"product_reference": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.aarch64"
},
"product_reference": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.ppc64le"
},
"product_reference": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.s390x"
},
"product_reference": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.src as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.src"
},
"product_reference": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:7.0.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.aarch64"
},
"product_reference": "bpftool-0:7.0.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:7.0.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "bpftool-0:7.0.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:7.0.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.s390x"
},
"product_reference": "bpftool-0:7.0.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:7.0.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.x86_64"
},
"product_reference": "bpftool-0:7.0.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.aarch64"
},
"product_reference": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.s390x"
},
"product_reference": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.x86_64"
},
"product_reference": "bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64"
},
"product_reference": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le"
},
"product_reference": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x"
},
"product_reference": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.src as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.src"
},
"product_reference": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.src",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64"
},
"product_reference": "cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64"
},
"product_reference": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x"
},
"product_reference": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64"
},
"product_reference": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le"
},
"product_reference": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x"
},
"product_reference": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64"
},
"product_reference": "cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:5.14.0-284.41.1.el9_2.src as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.src"
},
"product_reference": "kernel-0:5.14.0-284.41.1.el9_2.src",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-core-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-core-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-core-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-debug-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-core-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-debug-core-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-devel-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-devel-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-modules-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-modules-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-modules-core-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-modules-core-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-64k-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-64k-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-stablelists-0:5.14.0-284.41.1.el9_2.noarch as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-abi-stablelists-0:5.14.0-284.41.1.el9_2.noarch"
},
"product_reference": "kernel-abi-stablelists-0:5.14.0-284.41.1.el9_2.noarch",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-core-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-core-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-core-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-cross-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-debug-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-debug-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-debug-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-debug-core-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-debug-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-debug-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debug-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-debug-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-aarch64-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debuginfo-common-aarch64-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-debuginfo-common-aarch64-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debuginfo-common-ppc64le-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-s390x-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debuginfo-common-s390x-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-debuginfo-common-s390x-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-debuginfo-common-x86_64-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-devel-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:5.14.0-284.41.1.el9_2.noarch as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-doc-0:5.14.0-284.41.1.el9_2.noarch"
},
"product_reference": "kernel-doc-0:5.14.0-284.41.1.el9_2.noarch",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-headers-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-modules-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.src as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.src",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-debug-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-debug-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-debug-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-debug-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-debug-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-debug-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-debug-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-debug-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-debug-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-debug-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-debug-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-selftests-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-rt-selftests-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64"
},
"product_reference": "kernel-rt-selftests-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-tools-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-tools-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-tools-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-tools-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-tools-libs-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "kernel-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-zfcpdump-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-zfcpdump-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-core-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-zfcpdump-core-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-zfcpdump-core-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-debuginfo-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-zfcpdump-debuginfo-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-zfcpdump-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-devel-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-zfcpdump-devel-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-zfcpdump-devel-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-devel-matched-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-zfcpdump-devel-matched-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-zfcpdump-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-zfcpdump-modules-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-zfcpdump-modules-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-core-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-zfcpdump-modules-core-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-zfcpdump-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-extra-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-zfcpdump-modules-extra-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-zfcpdump-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-internal-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-zfcpdump-modules-internal-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-zfcpdump-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-partner-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:kernel-zfcpdump-modules-partner-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "kernel-zfcpdump-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.aarch64"
},
"product_reference": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.ppc64le"
},
"product_reference": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.s390x"
},
"product_reference": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.src as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.src"
},
"product_reference": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.src",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64"
},
"product_reference": "openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "perf-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "perf-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "perf-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "python3-perf-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "python3-perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "python3-perf-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "python3-perf-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rtla-0:5.14.0-284.41.1.el9_2.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.aarch64"
},
"product_reference": "rtla-0:5.14.0-284.41.1.el9_2.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rtla-0:5.14.0-284.41.1.el9_2.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.ppc64le"
},
"product_reference": "rtla-0:5.14.0-284.41.1.el9_2.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rtla-0:5.14.0-284.41.1.el9_2.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.s390x"
},
"product_reference": "rtla-0:5.14.0-284.41.1.el9_2.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rtla-0:5.14.0-284.41.1.el9_2.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.x86_64"
},
"product_reference": "rtla-0:5.14.0-284.41.1.el9_2.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch as a component of Ironic content for Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-IRONIC-4.13:openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch"
},
"product_reference": "openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.src as a component of Ironic content for Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-IRONIC-4.13:openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.src"
},
"product_reference": "openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.src",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-ironic-api-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch as a component of Ironic content for Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-IRONIC-4.13:openstack-ironic-api-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch"
},
"product_reference": "openstack-ironic-api-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-ironic-common-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch as a component of Ironic content for Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-IRONIC-4.13:openstack-ironic-common-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch"
},
"product_reference": "openstack-ironic-common-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-ironic-conductor-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch as a component of Ironic content for Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-IRONIC-4.13:openstack-ironic-conductor-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch"
},
"product_reference": "openstack-ironic-conductor-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-ironic-dnsmasq-tftp-server-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch as a component of Ironic content for Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-IRONIC-4.13:openstack-ironic-dnsmasq-tftp-server-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch"
},
"product_reference": "openstack-ironic-dnsmasq-tftp-server-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ironic-tests-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch as a component of Ironic content for Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-IRONIC-4.13:python3-ironic-tests-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch"
},
"product_reference": "python3-ironic-tests-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-IRONIC-4.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.s390x",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.src",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.13:openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.src",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-64k-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-abi-stablelists-0:5.14.0-284.41.1.el9_2.noarch",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debuginfo-common-aarch64-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debuginfo-common-ppc64le-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debuginfo-common-s390x-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debuginfo-common-x86_64-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-doc-0:5.14.0-284.41.1.el9_2.noarch",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.src",
"9Base-RHOSE-4.13:kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-selftests-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-zfcpdump-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-devel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.s390x",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.src",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.13:openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.src",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-api-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-common-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-conductor-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-dnsmasq-tftp-server-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:python3-ironic-tests-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.src",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.src",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.s390x",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.src",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.13:openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.src",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-64k-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-abi-stablelists-0:5.14.0-284.41.1.el9_2.noarch",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debuginfo-common-aarch64-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debuginfo-common-ppc64le-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debuginfo-common-s390x-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debuginfo-common-x86_64-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-doc-0:5.14.0-284.41.1.el9_2.noarch",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.src",
"9Base-RHOSE-4.13:kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-selftests-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-zfcpdump-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-devel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.s390x",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.src",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.13:openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.src",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-api-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-common-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-conductor-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-dnsmasq-tftp-server-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:python3-ironic-tests-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-21T12:04:13+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.src",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.src",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7325"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.src",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.s390x",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.src",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.13:openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.src",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.src",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-64k-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-abi-stablelists-0:5.14.0-284.41.1.el9_2.noarch",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debuginfo-common-aarch64-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debuginfo-common-ppc64le-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debuginfo-common-s390x-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debuginfo-common-x86_64-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-doc-0:5.14.0-284.41.1.el9_2.noarch",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.src",
"9Base-RHOSE-4.13:kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-selftests-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-zfcpdump-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-devel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.s390x",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.src",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.13:openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.src",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-api-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-common-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-conductor-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-dnsmasq-tftp-server-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:python3-ironic-tests-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.src",
"8Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"8Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.aarch64",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.ppc64le",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.s390x",
"8Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el8.x86_64",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.s390x",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.src",
"8Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.13:openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el8.x86_64",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:bpftool-0:7.0.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:bpftool-debuginfo-0:7.0.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.src",
"9Base-RHOSE-4.13:cri-o-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"9Base-RHOSE-4.13:cri-o-debuginfo-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.aarch64",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.ppc64le",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.s390x",
"9Base-RHOSE-4.13:cri-o-debugsource-0:1.26.4-5.1.rhaos4.13.git969e013.el9.x86_64",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.src",
"9Base-RHOSE-4.13:kernel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-64k-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-64k-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-abi-stablelists-0:5.14.0-284.41.1.el9_2.noarch",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-cross-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debug-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debug-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-debuginfo-common-aarch64-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-debuginfo-common-ppc64le-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-debuginfo-common-s390x-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-debuginfo-common-x86_64-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-devel-matched-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-doc-0:5.14.0-284.41.1.el9_2.noarch",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-headers-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-ipaclones-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-core-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-extra-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-modules-partner-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.src",
"9Base-RHOSE-4.13:kernel-rt-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debug-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debuginfo-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-devel-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-devel-matched-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-kvm-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-core-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-extra-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-modules-partner-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-rt-selftests-internal-0:5.14.0-284.41.1.rt14.326.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-selftests-internal-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-tools-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-tools-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-libs-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:kernel-tools-libs-devel-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-uki-virt-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:kernel-zfcpdump-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-devel-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-devel-matched-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-core-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-extra-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-internal-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:kernel-zfcpdump-modules-partner-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.aarch64",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.ppc64le",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.s390x",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.src",
"9Base-RHOSE-4.13:openshift-clients-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.13:openshift-clients-redistributable-0:4.13.0-202311151332.p0.gc7c6eb2.assembly.stream.el9.x86_64",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:perf-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:python3-perf-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:python3-perf-debuginfo-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.aarch64",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.ppc64le",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.s390x",
"9Base-RHOSE-4.13:rtla-0:5.14.0-284.41.1.el9_2.x86_64",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-1:21.3.1-0.20231106145533.e53dc4f.el9.src",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-api-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-common-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-conductor-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:openstack-ironic-dnsmasq-tftp-server-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch",
"9Base-RHOSE-IRONIC-4.13:python3-ironic-tests-1:21.3.1-0.20231106145533.e53dc4f.el9.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_7334
Vulnerability from csaf_redhat - Published: 2023-11-16 14:46 - Updated: 2024-12-17 02:53A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rh-varnish6-varnish is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don\u0027t have to create the same web page over and over again, giving the website a significant speed up.\n\nSecurity Fix(es):\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7334",
"url": "https://access.redhat.com/errata/RHSA-2023:7334"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7334.json"
}
],
"title": "Red Hat Security Advisory: rh-varnish6-varnish security update",
"tracking": {
"current_release_date": "2024-12-17T02:53:21+00:00",
"generator": {
"date": "2024-12-17T02:53:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:7334",
"initial_release_date": "2023-11-16T14:46:17+00:00",
"revision_history": [
{
"date": "2023-11-16T14:46:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-16T14:46:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T02:53:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for RHEL Workstation(v. 7)",
"product": {
"name": "Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for RHEL(v. 7)",
"product": {
"name": "Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.src",
"product": {
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.src",
"product_id": "rh-varnish6-varnish-0:6.0.8-2.el7.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-varnish6-varnish@6.0.8-2.el7.3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64",
"product": {
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64",
"product_id": "rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-varnish6-varnish@6.0.8-2.el7.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64",
"product": {
"name": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64",
"product_id": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-varnish6-varnish-devel@6.0.8-2.el7.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64",
"product": {
"name": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64",
"product_id": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-varnish6-varnish-docs@6.0.8-2.el7.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64",
"product": {
"name": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64",
"product_id": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-varnish6-varnish-libs@6.0.8-2.el7.3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x",
"product": {
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x",
"product_id": "rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-varnish6-varnish@6.0.8-2.el7.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x",
"product": {
"name": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x",
"product_id": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-varnish6-varnish-devel@6.0.8-2.el7.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x",
"product": {
"name": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x",
"product_id": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-varnish6-varnish-docs@6.0.8-2.el7.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x",
"product": {
"name": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x",
"product_id": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-varnish6-varnish-libs@6.0.8-2.el7.3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le",
"product": {
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le",
"product_id": "rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-varnish6-varnish@6.0.8-2.el7.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le",
"product": {
"name": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le",
"product_id": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-varnish6-varnish-devel@6.0.8-2.el7.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le",
"product": {
"name": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le",
"product_id": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-varnish6-varnish-docs@6.0.8-2.el7.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le",
"product": {
"name": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le",
"product_id": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-varnish6-varnish-libs@6.0.8-2.el7.3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le"
},
"product_reference": "rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x"
},
"product_reference": "rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.src as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.src"
},
"product_reference": "rh-varnish6-varnish-0:6.0.8-2.el7.3.src",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64"
},
"product_reference": "rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le"
},
"product_reference": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x"
},
"product_reference": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64"
},
"product_reference": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le"
},
"product_reference": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x"
},
"product_reference": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64"
},
"product_reference": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le"
},
"product_reference": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x"
},
"product_reference": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64"
},
"product_reference": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le"
},
"product_reference": "rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x"
},
"product_reference": "rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.src as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.src"
},
"product_reference": "rh-varnish6-varnish-0:6.0.8-2.el7.3.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64"
},
"product_reference": "rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le"
},
"product_reference": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x"
},
"product_reference": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64"
},
"product_reference": "rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le"
},
"product_reference": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x"
},
"product_reference": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64"
},
"product_reference": "rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le"
},
"product_reference": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x"
},
"product_reference": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64"
},
"product_reference": "rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.src",
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64",
"7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64",
"7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64",
"7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.src",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T14:46:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.src",
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64",
"7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64",
"7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64",
"7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.src",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7334"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.src",
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64",
"7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64",
"7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64",
"7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.src",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.src",
"7Server-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64",
"7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64",
"7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64",
"7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le",
"7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x",
"7Server-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.src",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-devel-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-docs-0:6.0.8-2.el7.3.x86_64",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.ppc64le",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.s390x",
"7Workstation-RHSCL-3.8:rh-varnish6-varnish-libs-0:6.0.8-2.el7.3.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_7335
Vulnerability from csaf_redhat - Published: 2023-11-16 15:57 - Updated: 2024-12-17 02:53A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7-tech-preview/rhpam-kogito-runtime-native-rhel8@sha256:f100720059d7a0d35ff776e5b928486708b420b7a70652e82b815e4dc654b1f5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:878b83b28bf3b7dcfcb710c70ff06268477dddfa6a3df21b7dbe52f53ca3ca40_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:52e746b99d6a15be91dc7c4e74fb0a58c27ca1d08151d456336e26b0cbcb54fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:c570297daff9ae813db39b27b4604f56cfcfa32a27e81d339da06dd33c13254f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:b787d57beb85e6098033b8c26789d2cc7a29faf7463fa8607d962382752f0883_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:62a457fc1595ed3e534ef9c792cb2bdf3c1712642d370b450a2f341bdd118eda_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-builder-rhel8@sha256:2caadb26d1a4ed774bdfa67664d11210b02a143b741cd4068b1654d51ed80c61_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-builder-rhel8@sha256:eeb33a9caf57c04f021eea1aba0c87f8d4e70c1a804fbe1c8adc68859e7c4424_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:056cc42012b5da9581c8d6f347a1693d6d3d904f76954fc1aafe12a6601994aa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:4553c12fa6f1a41b098efb333ce15d062eeea289b2bed5b2fd3075f5d4bb8cc8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator@sha256:52c4c3483cbcd0552730311a21cd4f32902de01b0efbaca2420a96dae6ad6b59_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator@sha256:6ea8b56d752f98a1dd48d8e91f00f49a8f40124b6ec4464209e2e8554de7c93e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:cbddd58758ac980a75e007808225feb9e65c280bbdc4727330acfa639474b808_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:ccb049dd64523e98d0e7a0f7cf99e2171f17917532f4d10ab5893b24c1b19698_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:d5d8ae9b97b00623af7c4c85a15966bf4de7bc53b767634d6e8e33ba4167d9d3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:193ff45f398332ecb2af83f7c6bd1e729ca64e5bbb757ce6623b75a448bfaf55_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:a7a20aed601d9a2ff38788dc773f821c1f68132de83fb1c36cc534a4f0d3468c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:91b1516edf464d7f67b9f97062629d0e1beb1c3023d94871db577c392a2df2a8_amd64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Process Automation Manager including images for Red Hat OpenShift Container Platform.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis release includes security fixes.\n\nSecurity Fix(es):\n\n* netty-codec-http2: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* Quarkus: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* EAP XP: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* EAP: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* businessautomation-operator: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7335",
"url": "https://access.redhat.com/errata/RHSA-2023:7335"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHPAM-4816",
"url": "https://issues.redhat.com/browse/RHPAM-4816"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7335.json"
}
],
"title": "Red Hat Security Advisory: Updated Red Hat Process Automation Manager 7.13.4 SP2 Images",
"tracking": {
"current_release_date": "2024-12-17T02:53:30+00:00",
"generator": {
"date": "2024-12-17T02:53:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:7335",
"initial_release_date": "2023-11-16T15:57:46+00:00",
"revision_history": [
{
"date": "2023-11-16T15:57:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-16T15:57:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T02:53:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Middleware Containers for OpenShift",
"product": {
"name": "Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhosemc:1.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:878b83b28bf3b7dcfcb710c70ff06268477dddfa6a3df21b7dbe52f53ca3ca40_amd64",
"product": {
"name": "rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:878b83b28bf3b7dcfcb710c70ff06268477dddfa6a3df21b7dbe52f53ca3ca40_amd64",
"product_id": "rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:878b83b28bf3b7dcfcb710c70ff06268477dddfa6a3df21b7dbe52f53ca3ca40_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-businesscentral-monitoring-rhel8@sha256:878b83b28bf3b7dcfcb710c70ff06268477dddfa6a3df21b7dbe52f53ca3ca40?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-businesscentral-monitoring-rhel8\u0026tag=7.13.4-11"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-businesscentral-rhel8@sha256:52e746b99d6a15be91dc7c4e74fb0a58c27ca1d08151d456336e26b0cbcb54fe_amd64",
"product": {
"name": "rhpam-7/rhpam-businesscentral-rhel8@sha256:52e746b99d6a15be91dc7c4e74fb0a58c27ca1d08151d456336e26b0cbcb54fe_amd64",
"product_id": "rhpam-7/rhpam-businesscentral-rhel8@sha256:52e746b99d6a15be91dc7c4e74fb0a58c27ca1d08151d456336e26b0cbcb54fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-businesscentral-rhel8@sha256:52e746b99d6a15be91dc7c4e74fb0a58c27ca1d08151d456336e26b0cbcb54fe?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-businesscentral-rhel8\u0026tag=7.13.4-11"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-controller-rhel8@sha256:c570297daff9ae813db39b27b4604f56cfcfa32a27e81d339da06dd33c13254f_amd64",
"product": {
"name": "rhpam-7/rhpam-controller-rhel8@sha256:c570297daff9ae813db39b27b4604f56cfcfa32a27e81d339da06dd33c13254f_amd64",
"product_id": "rhpam-7/rhpam-controller-rhel8@sha256:c570297daff9ae813db39b27b4604f56cfcfa32a27e81d339da06dd33c13254f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-controller-rhel8@sha256:c570297daff9ae813db39b27b4604f56cfcfa32a27e81d339da06dd33c13254f?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-controller-rhel8\u0026tag=7.13.4-11"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-dashbuilder-rhel8@sha256:b787d57beb85e6098033b8c26789d2cc7a29faf7463fa8607d962382752f0883_amd64",
"product": {
"name": "rhpam-7/rhpam-dashbuilder-rhel8@sha256:b787d57beb85e6098033b8c26789d2cc7a29faf7463fa8607d962382752f0883_amd64",
"product_id": "rhpam-7/rhpam-dashbuilder-rhel8@sha256:b787d57beb85e6098033b8c26789d2cc7a29faf7463fa8607d962382752f0883_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-dashbuilder-rhel8@sha256:b787d57beb85e6098033b8c26789d2cc7a29faf7463fa8607d962382752f0883?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-dashbuilder-rhel8\u0026tag=7.13.4-11"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-kieserver-rhel8@sha256:62a457fc1595ed3e534ef9c792cb2bdf3c1712642d370b450a2f341bdd118eda_amd64",
"product": {
"name": "rhpam-7/rhpam-kieserver-rhel8@sha256:62a457fc1595ed3e534ef9c792cb2bdf3c1712642d370b450a2f341bdd118eda_amd64",
"product_id": "rhpam-7/rhpam-kieserver-rhel8@sha256:62a457fc1595ed3e534ef9c792cb2bdf3c1712642d370b450a2f341bdd118eda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-kieserver-rhel8@sha256:62a457fc1595ed3e534ef9c792cb2bdf3c1712642d370b450a2f341bdd118eda?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-kieserver-rhel8\u0026tag=7.13.4-8"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-kogito-builder-rhel8@sha256:2caadb26d1a4ed774bdfa67664d11210b02a143b741cd4068b1654d51ed80c61_amd64",
"product": {
"name": "rhpam-7/rhpam-kogito-builder-rhel8@sha256:2caadb26d1a4ed774bdfa67664d11210b02a143b741cd4068b1654d51ed80c61_amd64",
"product_id": "rhpam-7/rhpam-kogito-builder-rhel8@sha256:2caadb26d1a4ed774bdfa67664d11210b02a143b741cd4068b1654d51ed80c61_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-kogito-builder-rhel8@sha256:2caadb26d1a4ed774bdfa67664d11210b02a143b741cd4068b1654d51ed80c61?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-kogito-builder-rhel8\u0026tag=7.13.4-5"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:4553c12fa6f1a41b098efb333ce15d062eeea289b2bed5b2fd3075f5d4bb8cc8_amd64",
"product": {
"name": "rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:4553c12fa6f1a41b098efb333ce15d062eeea289b2bed5b2fd3075f5d4bb8cc8_amd64",
"product_id": "rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:4553c12fa6f1a41b098efb333ce15d062eeea289b2bed5b2fd3075f5d4bb8cc8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-kogito-rhel8-operator-bundle@sha256:4553c12fa6f1a41b098efb333ce15d062eeea289b2bed5b2fd3075f5d4bb8cc8?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-kogito-rhel8-operator-bundle\u0026tag=7.13.4-3"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-kogito-rhel8-operator@sha256:52c4c3483cbcd0552730311a21cd4f32902de01b0efbaca2420a96dae6ad6b59_amd64",
"product": {
"name": "rhpam-7/rhpam-kogito-rhel8-operator@sha256:52c4c3483cbcd0552730311a21cd4f32902de01b0efbaca2420a96dae6ad6b59_amd64",
"product_id": "rhpam-7/rhpam-kogito-rhel8-operator@sha256:52c4c3483cbcd0552730311a21cd4f32902de01b0efbaca2420a96dae6ad6b59_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-kogito-rhel8-operator@sha256:52c4c3483cbcd0552730311a21cd4f32902de01b0efbaca2420a96dae6ad6b59?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-kogito-rhel8-operator\u0026tag=7.13.4-4"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:cbddd58758ac980a75e007808225feb9e65c280bbdc4727330acfa639474b808_amd64",
"product": {
"name": "rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:cbddd58758ac980a75e007808225feb9e65c280bbdc4727330acfa639474b808_amd64",
"product_id": "rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:cbddd58758ac980a75e007808225feb9e65c280bbdc4727330acfa639474b808_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-kogito-runtime-jvm-rhel8@sha256:cbddd58758ac980a75e007808225feb9e65c280bbdc4727330acfa639474b808?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-kogito-runtime-jvm-rhel8\u0026tag=7.13.4-5"
}
}
},
{
"category": "product_version",
"name": "rhpam-7-tech-preview/rhpam-kogito-runtime-native-rhel8@sha256:f100720059d7a0d35ff776e5b928486708b420b7a70652e82b815e4dc654b1f5_amd64",
"product": {
"name": "rhpam-7-tech-preview/rhpam-kogito-runtime-native-rhel8@sha256:f100720059d7a0d35ff776e5b928486708b420b7a70652e82b815e4dc654b1f5_amd64",
"product_id": "rhpam-7-tech-preview/rhpam-kogito-runtime-native-rhel8@sha256:f100720059d7a0d35ff776e5b928486708b420b7a70652e82b815e4dc654b1f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-kogito-runtime-native-rhel8@sha256:f100720059d7a0d35ff776e5b928486708b420b7a70652e82b815e4dc654b1f5?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7-tech-preview/rhpam-kogito-runtime-native-rhel8\u0026tag=7.13.4-5"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-process-migration-rhel8@sha256:193ff45f398332ecb2af83f7c6bd1e729ca64e5bbb757ce6623b75a448bfaf55_amd64",
"product": {
"name": "rhpam-7/rhpam-process-migration-rhel8@sha256:193ff45f398332ecb2af83f7c6bd1e729ca64e5bbb757ce6623b75a448bfaf55_amd64",
"product_id": "rhpam-7/rhpam-process-migration-rhel8@sha256:193ff45f398332ecb2af83f7c6bd1e729ca64e5bbb757ce6623b75a448bfaf55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-process-migration-rhel8@sha256:193ff45f398332ecb2af83f7c6bd1e729ca64e5bbb757ce6623b75a448bfaf55?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-process-migration-rhel8\u0026tag=7.13.4-11"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-rhel8-operator@sha256:a7a20aed601d9a2ff38788dc773f821c1f68132de83fb1c36cc534a4f0d3468c_amd64",
"product": {
"name": "rhpam-7/rhpam-rhel8-operator@sha256:a7a20aed601d9a2ff38788dc773f821c1f68132de83fb1c36cc534a4f0d3468c_amd64",
"product_id": "rhpam-7/rhpam-rhel8-operator@sha256:a7a20aed601d9a2ff38788dc773f821c1f68132de83fb1c36cc534a4f0d3468c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-rhel8-operator@sha256:a7a20aed601d9a2ff38788dc773f821c1f68132de83fb1c36cc534a4f0d3468c?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-rhel8-operator\u0026tag=7.13.4-2"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-smartrouter-rhel8@sha256:91b1516edf464d7f67b9f97062629d0e1beb1c3023d94871db577c392a2df2a8_amd64",
"product": {
"name": "rhpam-7/rhpam-smartrouter-rhel8@sha256:91b1516edf464d7f67b9f97062629d0e1beb1c3023d94871db577c392a2df2a8_amd64",
"product_id": "rhpam-7/rhpam-smartrouter-rhel8@sha256:91b1516edf464d7f67b9f97062629d0e1beb1c3023d94871db577c392a2df2a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-smartrouter-rhel8@sha256:91b1516edf464d7f67b9f97062629d0e1beb1c3023d94871db577c392a2df2a8?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-smartrouter-rhel8\u0026tag=7.13.4-11"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-operator-bundle@sha256:d5d8ae9b97b00623af7c4c85a15966bf4de7bc53b767634d6e8e33ba4167d9d3_amd64",
"product": {
"name": "rhpam-7/rhpam-operator-bundle@sha256:d5d8ae9b97b00623af7c4c85a15966bf4de7bc53b767634d6e8e33ba4167d9d3_amd64",
"product_id": "rhpam-7/rhpam-operator-bundle@sha256:d5d8ae9b97b00623af7c4c85a15966bf4de7bc53b767634d6e8e33ba4167d9d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-operator-bundle@sha256:d5d8ae9b97b00623af7c4c85a15966bf4de7bc53b767634d6e8e33ba4167d9d3?arch=amd64\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-operator-bundle\u0026tag=7.13.4-7"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhpam-7/rhpam-kogito-builder-rhel8@sha256:eeb33a9caf57c04f021eea1aba0c87f8d4e70c1a804fbe1c8adc68859e7c4424_ppc64le",
"product": {
"name": "rhpam-7/rhpam-kogito-builder-rhel8@sha256:eeb33a9caf57c04f021eea1aba0c87f8d4e70c1a804fbe1c8adc68859e7c4424_ppc64le",
"product_id": "rhpam-7/rhpam-kogito-builder-rhel8@sha256:eeb33a9caf57c04f021eea1aba0c87f8d4e70c1a804fbe1c8adc68859e7c4424_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-kogito-builder-rhel8@sha256:eeb33a9caf57c04f021eea1aba0c87f8d4e70c1a804fbe1c8adc68859e7c4424?arch=ppc64le\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-kogito-builder-rhel8\u0026tag=7.13.4-5"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:056cc42012b5da9581c8d6f347a1693d6d3d904f76954fc1aafe12a6601994aa_ppc64le",
"product": {
"name": "rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:056cc42012b5da9581c8d6f347a1693d6d3d904f76954fc1aafe12a6601994aa_ppc64le",
"product_id": "rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:056cc42012b5da9581c8d6f347a1693d6d3d904f76954fc1aafe12a6601994aa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-kogito-rhel8-operator-bundle@sha256:056cc42012b5da9581c8d6f347a1693d6d3d904f76954fc1aafe12a6601994aa?arch=ppc64le\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-kogito-rhel8-operator-bundle\u0026tag=7.13.4-3"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-kogito-rhel8-operator@sha256:6ea8b56d752f98a1dd48d8e91f00f49a8f40124b6ec4464209e2e8554de7c93e_ppc64le",
"product": {
"name": "rhpam-7/rhpam-kogito-rhel8-operator@sha256:6ea8b56d752f98a1dd48d8e91f00f49a8f40124b6ec4464209e2e8554de7c93e_ppc64le",
"product_id": "rhpam-7/rhpam-kogito-rhel8-operator@sha256:6ea8b56d752f98a1dd48d8e91f00f49a8f40124b6ec4464209e2e8554de7c93e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-kogito-rhel8-operator@sha256:6ea8b56d752f98a1dd48d8e91f00f49a8f40124b6ec4464209e2e8554de7c93e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-kogito-rhel8-operator\u0026tag=7.13.4-4"
}
}
},
{
"category": "product_version",
"name": "rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:ccb049dd64523e98d0e7a0f7cf99e2171f17917532f4d10ab5893b24c1b19698_ppc64le",
"product": {
"name": "rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:ccb049dd64523e98d0e7a0f7cf99e2171f17917532f4d10ab5893b24c1b19698_ppc64le",
"product_id": "rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:ccb049dd64523e98d0e7a0f7cf99e2171f17917532f4d10ab5893b24c1b19698_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhpam-kogito-runtime-jvm-rhel8@sha256:ccb049dd64523e98d0e7a0f7cf99e2171f17917532f4d10ab5893b24c1b19698?arch=ppc64le\u0026repository_url=registry.redhat.io/rhpam-7/rhpam-kogito-runtime-jvm-rhel8\u0026tag=7.13.4-5"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7-tech-preview/rhpam-kogito-runtime-native-rhel8@sha256:f100720059d7a0d35ff776e5b928486708b420b7a70652e82b815e4dc654b1f5_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7-tech-preview/rhpam-kogito-runtime-native-rhel8@sha256:f100720059d7a0d35ff776e5b928486708b420b7a70652e82b815e4dc654b1f5_amd64"
},
"product_reference": "rhpam-7-tech-preview/rhpam-kogito-runtime-native-rhel8@sha256:f100720059d7a0d35ff776e5b928486708b420b7a70652e82b815e4dc654b1f5_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:878b83b28bf3b7dcfcb710c70ff06268477dddfa6a3df21b7dbe52f53ca3ca40_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:878b83b28bf3b7dcfcb710c70ff06268477dddfa6a3df21b7dbe52f53ca3ca40_amd64"
},
"product_reference": "rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:878b83b28bf3b7dcfcb710c70ff06268477dddfa6a3df21b7dbe52f53ca3ca40_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-businesscentral-rhel8@sha256:52e746b99d6a15be91dc7c4e74fb0a58c27ca1d08151d456336e26b0cbcb54fe_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:52e746b99d6a15be91dc7c4e74fb0a58c27ca1d08151d456336e26b0cbcb54fe_amd64"
},
"product_reference": "rhpam-7/rhpam-businesscentral-rhel8@sha256:52e746b99d6a15be91dc7c4e74fb0a58c27ca1d08151d456336e26b0cbcb54fe_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-controller-rhel8@sha256:c570297daff9ae813db39b27b4604f56cfcfa32a27e81d339da06dd33c13254f_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:c570297daff9ae813db39b27b4604f56cfcfa32a27e81d339da06dd33c13254f_amd64"
},
"product_reference": "rhpam-7/rhpam-controller-rhel8@sha256:c570297daff9ae813db39b27b4604f56cfcfa32a27e81d339da06dd33c13254f_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-dashbuilder-rhel8@sha256:b787d57beb85e6098033b8c26789d2cc7a29faf7463fa8607d962382752f0883_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:b787d57beb85e6098033b8c26789d2cc7a29faf7463fa8607d962382752f0883_amd64"
},
"product_reference": "rhpam-7/rhpam-dashbuilder-rhel8@sha256:b787d57beb85e6098033b8c26789d2cc7a29faf7463fa8607d962382752f0883_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-kieserver-rhel8@sha256:62a457fc1595ed3e534ef9c792cb2bdf3c1712642d370b450a2f341bdd118eda_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:62a457fc1595ed3e534ef9c792cb2bdf3c1712642d370b450a2f341bdd118eda_amd64"
},
"product_reference": "rhpam-7/rhpam-kieserver-rhel8@sha256:62a457fc1595ed3e534ef9c792cb2bdf3c1712642d370b450a2f341bdd118eda_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-kogito-builder-rhel8@sha256:2caadb26d1a4ed774bdfa67664d11210b02a143b741cd4068b1654d51ed80c61_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-builder-rhel8@sha256:2caadb26d1a4ed774bdfa67664d11210b02a143b741cd4068b1654d51ed80c61_amd64"
},
"product_reference": "rhpam-7/rhpam-kogito-builder-rhel8@sha256:2caadb26d1a4ed774bdfa67664d11210b02a143b741cd4068b1654d51ed80c61_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-kogito-builder-rhel8@sha256:eeb33a9caf57c04f021eea1aba0c87f8d4e70c1a804fbe1c8adc68859e7c4424_ppc64le as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-builder-rhel8@sha256:eeb33a9caf57c04f021eea1aba0c87f8d4e70c1a804fbe1c8adc68859e7c4424_ppc64le"
},
"product_reference": "rhpam-7/rhpam-kogito-builder-rhel8@sha256:eeb33a9caf57c04f021eea1aba0c87f8d4e70c1a804fbe1c8adc68859e7c4424_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:056cc42012b5da9581c8d6f347a1693d6d3d904f76954fc1aafe12a6601994aa_ppc64le as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:056cc42012b5da9581c8d6f347a1693d6d3d904f76954fc1aafe12a6601994aa_ppc64le"
},
"product_reference": "rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:056cc42012b5da9581c8d6f347a1693d6d3d904f76954fc1aafe12a6601994aa_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:4553c12fa6f1a41b098efb333ce15d062eeea289b2bed5b2fd3075f5d4bb8cc8_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:4553c12fa6f1a41b098efb333ce15d062eeea289b2bed5b2fd3075f5d4bb8cc8_amd64"
},
"product_reference": "rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:4553c12fa6f1a41b098efb333ce15d062eeea289b2bed5b2fd3075f5d4bb8cc8_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-kogito-rhel8-operator@sha256:52c4c3483cbcd0552730311a21cd4f32902de01b0efbaca2420a96dae6ad6b59_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator@sha256:52c4c3483cbcd0552730311a21cd4f32902de01b0efbaca2420a96dae6ad6b59_amd64"
},
"product_reference": "rhpam-7/rhpam-kogito-rhel8-operator@sha256:52c4c3483cbcd0552730311a21cd4f32902de01b0efbaca2420a96dae6ad6b59_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-kogito-rhel8-operator@sha256:6ea8b56d752f98a1dd48d8e91f00f49a8f40124b6ec4464209e2e8554de7c93e_ppc64le as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator@sha256:6ea8b56d752f98a1dd48d8e91f00f49a8f40124b6ec4464209e2e8554de7c93e_ppc64le"
},
"product_reference": "rhpam-7/rhpam-kogito-rhel8-operator@sha256:6ea8b56d752f98a1dd48d8e91f00f49a8f40124b6ec4464209e2e8554de7c93e_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:cbddd58758ac980a75e007808225feb9e65c280bbdc4727330acfa639474b808_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:cbddd58758ac980a75e007808225feb9e65c280bbdc4727330acfa639474b808_amd64"
},
"product_reference": "rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:cbddd58758ac980a75e007808225feb9e65c280bbdc4727330acfa639474b808_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:ccb049dd64523e98d0e7a0f7cf99e2171f17917532f4d10ab5893b24c1b19698_ppc64le as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:ccb049dd64523e98d0e7a0f7cf99e2171f17917532f4d10ab5893b24c1b19698_ppc64le"
},
"product_reference": "rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:ccb049dd64523e98d0e7a0f7cf99e2171f17917532f4d10ab5893b24c1b19698_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-operator-bundle@sha256:d5d8ae9b97b00623af7c4c85a15966bf4de7bc53b767634d6e8e33ba4167d9d3_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:d5d8ae9b97b00623af7c4c85a15966bf4de7bc53b767634d6e8e33ba4167d9d3_amd64"
},
"product_reference": "rhpam-7/rhpam-operator-bundle@sha256:d5d8ae9b97b00623af7c4c85a15966bf4de7bc53b767634d6e8e33ba4167d9d3_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-process-migration-rhel8@sha256:193ff45f398332ecb2af83f7c6bd1e729ca64e5bbb757ce6623b75a448bfaf55_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:193ff45f398332ecb2af83f7c6bd1e729ca64e5bbb757ce6623b75a448bfaf55_amd64"
},
"product_reference": "rhpam-7/rhpam-process-migration-rhel8@sha256:193ff45f398332ecb2af83f7c6bd1e729ca64e5bbb757ce6623b75a448bfaf55_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-rhel8-operator@sha256:a7a20aed601d9a2ff38788dc773f821c1f68132de83fb1c36cc534a4f0d3468c_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:a7a20aed601d9a2ff38788dc773f821c1f68132de83fb1c36cc534a4f0d3468c_amd64"
},
"product_reference": "rhpam-7/rhpam-rhel8-operator@sha256:a7a20aed601d9a2ff38788dc773f821c1f68132de83fb1c36cc534a4f0d3468c_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhpam-7/rhpam-smartrouter-rhel8@sha256:91b1516edf464d7f67b9f97062629d0e1beb1c3023d94871db577c392a2df2a8_amd64 as a component of Middleware Containers for OpenShift",
"product_id": "8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:91b1516edf464d7f67b9f97062629d0e1beb1c3023d94871db577c392a2df2a8_amd64"
},
"product_reference": "rhpam-7/rhpam-smartrouter-rhel8@sha256:91b1516edf464d7f67b9f97062629d0e1beb1c3023d94871db577c392a2df2a8_amd64",
"relates_to_product_reference": "8Base-RHOSE-Middleware"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-Middleware:rhpam-7-tech-preview/rhpam-kogito-runtime-native-rhel8@sha256:f100720059d7a0d35ff776e5b928486708b420b7a70652e82b815e4dc654b1f5_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:878b83b28bf3b7dcfcb710c70ff06268477dddfa6a3df21b7dbe52f53ca3ca40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:52e746b99d6a15be91dc7c4e74fb0a58c27ca1d08151d456336e26b0cbcb54fe_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:c570297daff9ae813db39b27b4604f56cfcfa32a27e81d339da06dd33c13254f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:b787d57beb85e6098033b8c26789d2cc7a29faf7463fa8607d962382752f0883_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:62a457fc1595ed3e534ef9c792cb2bdf3c1712642d370b450a2f341bdd118eda_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-builder-rhel8@sha256:2caadb26d1a4ed774bdfa67664d11210b02a143b741cd4068b1654d51ed80c61_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-builder-rhel8@sha256:eeb33a9caf57c04f021eea1aba0c87f8d4e70c1a804fbe1c8adc68859e7c4424_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:056cc42012b5da9581c8d6f347a1693d6d3d904f76954fc1aafe12a6601994aa_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:4553c12fa6f1a41b098efb333ce15d062eeea289b2bed5b2fd3075f5d4bb8cc8_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator@sha256:52c4c3483cbcd0552730311a21cd4f32902de01b0efbaca2420a96dae6ad6b59_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator@sha256:6ea8b56d752f98a1dd48d8e91f00f49a8f40124b6ec4464209e2e8554de7c93e_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:cbddd58758ac980a75e007808225feb9e65c280bbdc4727330acfa639474b808_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:ccb049dd64523e98d0e7a0f7cf99e2171f17917532f4d10ab5893b24c1b19698_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:d5d8ae9b97b00623af7c4c85a15966bf4de7bc53b767634d6e8e33ba4167d9d3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:193ff45f398332ecb2af83f7c6bd1e729ca64e5bbb757ce6623b75a448bfaf55_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:a7a20aed601d9a2ff38788dc773f821c1f68132de83fb1c36cc534a4f0d3468c_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:91b1516edf464d7f67b9f97062629d0e1beb1c3023d94871db577c392a2df2a8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T15:57:46+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-Middleware:rhpam-7-tech-preview/rhpam-kogito-runtime-native-rhel8@sha256:f100720059d7a0d35ff776e5b928486708b420b7a70652e82b815e4dc654b1f5_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:878b83b28bf3b7dcfcb710c70ff06268477dddfa6a3df21b7dbe52f53ca3ca40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:52e746b99d6a15be91dc7c4e74fb0a58c27ca1d08151d456336e26b0cbcb54fe_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:c570297daff9ae813db39b27b4604f56cfcfa32a27e81d339da06dd33c13254f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:b787d57beb85e6098033b8c26789d2cc7a29faf7463fa8607d962382752f0883_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:62a457fc1595ed3e534ef9c792cb2bdf3c1712642d370b450a2f341bdd118eda_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-builder-rhel8@sha256:2caadb26d1a4ed774bdfa67664d11210b02a143b741cd4068b1654d51ed80c61_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-builder-rhel8@sha256:eeb33a9caf57c04f021eea1aba0c87f8d4e70c1a804fbe1c8adc68859e7c4424_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:056cc42012b5da9581c8d6f347a1693d6d3d904f76954fc1aafe12a6601994aa_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:4553c12fa6f1a41b098efb333ce15d062eeea289b2bed5b2fd3075f5d4bb8cc8_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator@sha256:52c4c3483cbcd0552730311a21cd4f32902de01b0efbaca2420a96dae6ad6b59_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator@sha256:6ea8b56d752f98a1dd48d8e91f00f49a8f40124b6ec4464209e2e8554de7c93e_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:cbddd58758ac980a75e007808225feb9e65c280bbdc4727330acfa639474b808_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:ccb049dd64523e98d0e7a0f7cf99e2171f17917532f4d10ab5893b24c1b19698_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:d5d8ae9b97b00623af7c4c85a15966bf4de7bc53b767634d6e8e33ba4167d9d3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:193ff45f398332ecb2af83f7c6bd1e729ca64e5bbb757ce6623b75a448bfaf55_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:a7a20aed601d9a2ff38788dc773f821c1f68132de83fb1c36cc534a4f0d3468c_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:91b1516edf464d7f67b9f97062629d0e1beb1c3023d94871db577c392a2df2a8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7335"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSE-Middleware:rhpam-7-tech-preview/rhpam-kogito-runtime-native-rhel8@sha256:f100720059d7a0d35ff776e5b928486708b420b7a70652e82b815e4dc654b1f5_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:878b83b28bf3b7dcfcb710c70ff06268477dddfa6a3df21b7dbe52f53ca3ca40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:52e746b99d6a15be91dc7c4e74fb0a58c27ca1d08151d456336e26b0cbcb54fe_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:c570297daff9ae813db39b27b4604f56cfcfa32a27e81d339da06dd33c13254f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:b787d57beb85e6098033b8c26789d2cc7a29faf7463fa8607d962382752f0883_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:62a457fc1595ed3e534ef9c792cb2bdf3c1712642d370b450a2f341bdd118eda_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-builder-rhel8@sha256:2caadb26d1a4ed774bdfa67664d11210b02a143b741cd4068b1654d51ed80c61_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-builder-rhel8@sha256:eeb33a9caf57c04f021eea1aba0c87f8d4e70c1a804fbe1c8adc68859e7c4424_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:056cc42012b5da9581c8d6f347a1693d6d3d904f76954fc1aafe12a6601994aa_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:4553c12fa6f1a41b098efb333ce15d062eeea289b2bed5b2fd3075f5d4bb8cc8_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator@sha256:52c4c3483cbcd0552730311a21cd4f32902de01b0efbaca2420a96dae6ad6b59_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator@sha256:6ea8b56d752f98a1dd48d8e91f00f49a8f40124b6ec4464209e2e8554de7c93e_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:cbddd58758ac980a75e007808225feb9e65c280bbdc4727330acfa639474b808_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:ccb049dd64523e98d0e7a0f7cf99e2171f17917532f4d10ab5893b24c1b19698_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:d5d8ae9b97b00623af7c4c85a15966bf4de7bc53b767634d6e8e33ba4167d9d3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:193ff45f398332ecb2af83f7c6bd1e729ca64e5bbb757ce6623b75a448bfaf55_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:a7a20aed601d9a2ff38788dc773f821c1f68132de83fb1c36cc534a4f0d3468c_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:91b1516edf464d7f67b9f97062629d0e1beb1c3023d94871db577c392a2df2a8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-Middleware:rhpam-7-tech-preview/rhpam-kogito-runtime-native-rhel8@sha256:f100720059d7a0d35ff776e5b928486708b420b7a70652e82b815e4dc654b1f5_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:878b83b28bf3b7dcfcb710c70ff06268477dddfa6a3df21b7dbe52f53ca3ca40_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-businesscentral-rhel8@sha256:52e746b99d6a15be91dc7c4e74fb0a58c27ca1d08151d456336e26b0cbcb54fe_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-controller-rhel8@sha256:c570297daff9ae813db39b27b4604f56cfcfa32a27e81d339da06dd33c13254f_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-dashbuilder-rhel8@sha256:b787d57beb85e6098033b8c26789d2cc7a29faf7463fa8607d962382752f0883_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kieserver-rhel8@sha256:62a457fc1595ed3e534ef9c792cb2bdf3c1712642d370b450a2f341bdd118eda_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-builder-rhel8@sha256:2caadb26d1a4ed774bdfa67664d11210b02a143b741cd4068b1654d51ed80c61_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-builder-rhel8@sha256:eeb33a9caf57c04f021eea1aba0c87f8d4e70c1a804fbe1c8adc68859e7c4424_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:056cc42012b5da9581c8d6f347a1693d6d3d904f76954fc1aafe12a6601994aa_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator-bundle@sha256:4553c12fa6f1a41b098efb333ce15d062eeea289b2bed5b2fd3075f5d4bb8cc8_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator@sha256:52c4c3483cbcd0552730311a21cd4f32902de01b0efbaca2420a96dae6ad6b59_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-rhel8-operator@sha256:6ea8b56d752f98a1dd48d8e91f00f49a8f40124b6ec4464209e2e8554de7c93e_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:cbddd58758ac980a75e007808225feb9e65c280bbdc4727330acfa639474b808_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:ccb049dd64523e98d0e7a0f7cf99e2171f17917532f4d10ab5893b24c1b19698_ppc64le",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-operator-bundle@sha256:d5d8ae9b97b00623af7c4c85a15966bf4de7bc53b767634d6e8e33ba4167d9d3_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-process-migration-rhel8@sha256:193ff45f398332ecb2af83f7c6bd1e729ca64e5bbb757ce6623b75a448bfaf55_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-rhel8-operator@sha256:a7a20aed601d9a2ff38788dc773f821c1f68132de83fb1c36cc534a4f0d3468c_amd64",
"8Base-RHOSE-Middleware:rhpam-7/rhpam-smartrouter-rhel8@sha256:91b1516edf464d7f67b9f97062629d0e1beb1c3023d94871db577c392a2df2a8_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_7344
Vulnerability from csaf_redhat - Published: 2023-11-20 07:53 - Updated: 2024-12-18 04:56A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.9:openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.9:openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openshift-gitops-kam is now available for Red Hat OpenShift GitOps 1.9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "An update for openshift-gitops-kam is now available for Red Hat OpenShift GitOps 1.9.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7344",
"url": "https://access.redhat.com/errata/RHSA-2023:7344"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7344.json"
}
],
"title": "Red Hat Security Advisory: openshift-gitops-kam security update",
"tracking": {
"current_release_date": "2024-12-18T04:56:10+00:00",
"generator": {
"date": "2024-12-18T04:56:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:7344",
"initial_release_date": "2023-11-20T07:53:42+00:00",
"revision_history": [
{
"date": "2023-11-20T07:53:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-20T07:53:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:56:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.9",
"product": {
"name": "Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.9::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-kam-0:1.9.3-32.el8.src",
"product": {
"name": "openshift-gitops-kam-0:1.9.3-32.el8.src",
"product_id": "openshift-gitops-kam-0:1.9.3-32.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-gitops-kam@1.9.3-32.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-kam-0:1.9.3-32.el8.x86_64",
"product": {
"name": "openshift-gitops-kam-0:1.9.3-32.el8.x86_64",
"product_id": "openshift-gitops-kam-0:1.9.3-32.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-gitops-kam@1.9.3-32.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64",
"product": {
"name": "openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64",
"product_id": "openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-gitops-kam-redistributable@1.9.3-32.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-kam-0:1.9.3-32.el8.s390x",
"product": {
"name": "openshift-gitops-kam-0:1.9.3-32.el8.s390x",
"product_id": "openshift-gitops-kam-0:1.9.3-32.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-gitops-kam@1.9.3-32.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-kam-0:1.9.3-32.el8.ppc64le",
"product": {
"name": "openshift-gitops-kam-0:1.9.3-32.el8.ppc64le",
"product_id": "openshift-gitops-kam-0:1.9.3-32.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-gitops-kam@1.9.3-32.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-kam-0:1.9.3-32.el8.aarch64",
"product": {
"name": "openshift-gitops-kam-0:1.9.3-32.el8.aarch64",
"product_id": "openshift-gitops-kam-0:1.9.3-32.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-gitops-kam@1.9.3-32.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-kam-0:1.9.3-32.el8.aarch64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.aarch64"
},
"product_reference": "openshift-gitops-kam-0:1.9.3-32.el8.aarch64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-kam-0:1.9.3-32.el8.ppc64le as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.ppc64le"
},
"product_reference": "openshift-gitops-kam-0:1.9.3-32.el8.ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-kam-0:1.9.3-32.el8.s390x as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.s390x"
},
"product_reference": "openshift-gitops-kam-0:1.9.3-32.el8.s390x",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-kam-0:1.9.3-32.el8.src as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.src"
},
"product_reference": "openshift-gitops-kam-0:1.9.3-32.el8.src",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-kam-0:1.9.3-32.el8.x86_64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.x86_64"
},
"product_reference": "openshift-gitops-kam-0:1.9.3-32.el8.x86_64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64"
},
"product_reference": "openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64",
"relates_to_product_reference": "8Base-GitOps-1.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.aarch64",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.ppc64le",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.s390x",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.src",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.x86_64",
"8Base-GitOps-1.9:openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-20T07:53:42+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.aarch64",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.ppc64le",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.s390x",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.src",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.x86_64",
"8Base-GitOps-1.9:openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7344"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.aarch64",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.ppc64le",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.s390x",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.src",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.x86_64",
"8Base-GitOps-1.9:openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.aarch64",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.ppc64le",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.s390x",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.src",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.x86_64",
"8Base-GitOps-1.9:openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.aarch64",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.ppc64le",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.s390x",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.src",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.x86_64",
"8Base-GitOps-1.9:openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-20T07:53:42+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.aarch64",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.ppc64le",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.s390x",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.src",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.x86_64",
"8Base-GitOps-1.9:openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7344"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.aarch64",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.ppc64le",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.s390x",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.src",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.x86_64",
"8Base-GitOps-1.9:openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.aarch64",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.ppc64le",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.s390x",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.src",
"8Base-GitOps-1.9:openshift-gitops-kam-0:1.9.3-32.el8.x86_64",
"8Base-GitOps-1.9:openshift-gitops-kam-redistributable-0:1.9.3-32.el8.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.