Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-45288 (GCVE-0-2023-45288)
Vulnerability from cvelistv5 – Published: 2024-04-04 20:37 – Updated: 2025-11-04 18:17
VLAI
EPSS
Title
HTTP/2 CONTINUATION flood in net/http
Summary
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
9 references
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | net/http |
Affected:
0 , < 1.21.9
(semver)
Affected: 1.22.0-0 , < 1.22.2 (semver) |
|
| golang.org/x/net | golang.org/x/net/http2 |
Affected:
0 , < 0.23.0
(semver)
|
|
| go_standard_library | net\/http |
Affected:
0 , < 1.21.9
(custom)
Affected: 1.22.0-0 , < 1.22.2 (custom) cpe:2.3:a:go_standard_library:net\/http:*:*:*:*:*:*:*:* |
|
| golang | http2 |
Affected:
0 , < 0.23.0
(custom)
cpe:2.3:a:golang:http2:*:*:*:*:*:*:*:* |
Credits
Bartek Nowotarski (https://nowotarski.info/)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:17:43.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/issue/65051"
},
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/cl/576155"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M"
},
{
"tags": [
"x_transferred"
],
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240419-0009/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/05/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/03/16"
},
{
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:go_standard_library:net\\/http:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "net\\/http",
"vendor": "go_standard_library",
"versions": [
{
"lessThan": "1.21.9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.22.2",
"status": "affected",
"version": "1.22.0-0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:golang:http2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "http2",
"vendor": "golang",
"versions": [
{
"lessThan": "0.23.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-45288",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-05T17:08:42.212936Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-26T20:40:01.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net/http",
"product": "net/http",
"programRoutines": [
{
"name": "http2Framer.readMetaFrame"
},
{
"name": "CanonicalHeaderKey"
},
{
"name": "Client.CloseIdleConnections"
},
{
"name": "Client.Do"
},
{
"name": "Client.Get"
},
{
"name": "Client.Head"
},
{
"name": "Client.Post"
},
{
"name": "Client.PostForm"
},
{
"name": "Cookie.String"
},
{
"name": "Cookie.Valid"
},
{
"name": "Dir.Open"
},
{
"name": "Error"
},
{
"name": "Get"
},
{
"name": "HandlerFunc.ServeHTTP"
},
{
"name": "Head"
},
{
"name": "Header.Add"
},
{
"name": "Header.Del"
},
{
"name": "Header.Get"
},
{
"name": "Header.Set"
},
{
"name": "Header.Values"
},
{
"name": "Header.Write"
},
{
"name": "Header.WriteSubset"
},
{
"name": "ListenAndServe"
},
{
"name": "ListenAndServeTLS"
},
{
"name": "NewRequest"
},
{
"name": "NewRequestWithContext"
},
{
"name": "NotFound"
},
{
"name": "ParseTime"
},
{
"name": "Post"
},
{
"name": "PostForm"
},
{
"name": "ProxyFromEnvironment"
},
{
"name": "ReadRequest"
},
{
"name": "ReadResponse"
},
{
"name": "Redirect"
},
{
"name": "Request.AddCookie"
},
{
"name": "Request.BasicAuth"
},
{
"name": "Request.FormFile"
},
{
"name": "Request.FormValue"
},
{
"name": "Request.MultipartReader"
},
{
"name": "Request.ParseForm"
},
{
"name": "Request.ParseMultipartForm"
},
{
"name": "Request.PostFormValue"
},
{
"name": "Request.Referer"
},
{
"name": "Request.SetBasicAuth"
},
{
"name": "Request.UserAgent"
},
{
"name": "Request.Write"
},
{
"name": "Request.WriteProxy"
},
{
"name": "Response.Cookies"
},
{
"name": "Response.Location"
},
{
"name": "Response.Write"
},
{
"name": "ResponseController.EnableFullDuplex"
},
{
"name": "ResponseController.Flush"
},
{
"name": "ResponseController.Hijack"
},
{
"name": "ResponseController.SetReadDeadline"
},
{
"name": "ResponseController.SetWriteDeadline"
},
{
"name": "Serve"
},
{
"name": "ServeContent"
},
{
"name": "ServeFile"
},
{
"name": "ServeMux.ServeHTTP"
},
{
"name": "ServeTLS"
},
{
"name": "Server.Close"
},
{
"name": "Server.ListenAndServe"
},
{
"name": "Server.ListenAndServeTLS"
},
{
"name": "Server.Serve"
},
{
"name": "Server.ServeTLS"
},
{
"name": "Server.SetKeepAlivesEnabled"
},
{
"name": "Server.Shutdown"
},
{
"name": "SetCookie"
},
{
"name": "Transport.CancelRequest"
},
{
"name": "Transport.Clone"
},
{
"name": "Transport.CloseIdleConnections"
},
{
"name": "Transport.RoundTrip"
},
{
"name": "body.Close"
},
{
"name": "body.Read"
},
{
"name": "bodyEOFSignal.Close"
},
{
"name": "bodyEOFSignal.Read"
},
{
"name": "bodyLocked.Read"
},
{
"name": "bufioFlushWriter.Write"
},
{
"name": "cancelTimerBody.Close"
},
{
"name": "cancelTimerBody.Read"
},
{
"name": "checkConnErrorWriter.Write"
},
{
"name": "chunkWriter.Write"
},
{
"name": "connReader.Read"
},
{
"name": "connectMethodKey.String"
},
{
"name": "expectContinueReader.Close"
},
{
"name": "expectContinueReader.Read"
},
{
"name": "extraHeader.Write"
},
{
"name": "fileHandler.ServeHTTP"
},
{
"name": "fileTransport.RoundTrip"
},
{
"name": "globalOptionsHandler.ServeHTTP"
},
{
"name": "gzipReader.Close"
},
{
"name": "gzipReader.Read"
},
{
"name": "http2ClientConn.Close"
},
{
"name": "http2ClientConn.Ping"
},
{
"name": "http2ClientConn.RoundTrip"
},
{
"name": "http2ClientConn.Shutdown"
},
{
"name": "http2ConnectionError.Error"
},
{
"name": "http2ErrCode.String"
},
{
"name": "http2FrameHeader.String"
},
{
"name": "http2FrameType.String"
},
{
"name": "http2FrameWriteRequest.String"
},
{
"name": "http2Framer.ReadFrame"
},
{
"name": "http2Framer.WriteContinuation"
},
{
"name": "http2Framer.WriteData"
},
{
"name": "http2Framer.WriteDataPadded"
},
{
"name": "http2Framer.WriteGoAway"
},
{
"name": "http2Framer.WriteHeaders"
},
{
"name": "http2Framer.WritePing"
},
{
"name": "http2Framer.WritePriority"
},
{
"name": "http2Framer.WritePushPromise"
},
{
"name": "http2Framer.WriteRSTStream"
},
{
"name": "http2Framer.WriteRawFrame"
},
{
"name": "http2Framer.WriteSettings"
},
{
"name": "http2Framer.WriteSettingsAck"
},
{
"name": "http2Framer.WriteWindowUpdate"
},
{
"name": "http2GoAwayError.Error"
},
{
"name": "http2Server.ServeConn"
},
{
"name": "http2Setting.String"
},
{
"name": "http2SettingID.String"
},
{
"name": "http2SettingsFrame.ForeachSetting"
},
{
"name": "http2StreamError.Error"
},
{
"name": "http2Transport.CloseIdleConnections"
},
{
"name": "http2Transport.NewClientConn"
},
{
"name": "http2Transport.RoundTrip"
},
{
"name": "http2Transport.RoundTripOpt"
},
{
"name": "http2bufferedWriter.Flush"
},
{
"name": "http2bufferedWriter.Write"
},
{
"name": "http2chunkWriter.Write"
},
{
"name": "http2clientConnPool.GetClientConn"
},
{
"name": "http2connError.Error"
},
{
"name": "http2dataBuffer.Read"
},
{
"name": "http2duplicatePseudoHeaderError.Error"
},
{
"name": "http2gzipReader.Close"
},
{
"name": "http2gzipReader.Read"
},
{
"name": "http2headerFieldNameError.Error"
},
{
"name": "http2headerFieldValueError.Error"
},
{
"name": "http2noDialClientConnPool.GetClientConn"
},
{
"name": "http2noDialH2RoundTripper.RoundTrip"
},
{
"name": "http2pipe.Read"
},
{
"name": "http2priorityWriteScheduler.CloseStream"
},
{
"name": "http2priorityWriteScheduler.OpenStream"
},
{
"name": "http2pseudoHeaderError.Error"
},
{
"name": "http2requestBody.Close"
},
{
"name": "http2requestBody.Read"
},
{
"name": "http2responseWriter.Flush"
},
{
"name": "http2responseWriter.FlushError"
},
{
"name": "http2responseWriter.Push"
},
{
"name": "http2responseWriter.SetReadDeadline"
},
{
"name": "http2responseWriter.SetWriteDeadline"
},
{
"name": "http2responseWriter.Write"
},
{
"name": "http2responseWriter.WriteHeader"
},
{
"name": "http2responseWriter.WriteString"
},
{
"name": "http2roundRobinWriteScheduler.OpenStream"
},
{
"name": "http2serverConn.CloseConn"
},
{
"name": "http2serverConn.Flush"
},
{
"name": "http2stickyErrWriter.Write"
},
{
"name": "http2transportResponseBody.Close"
},
{
"name": "http2transportResponseBody.Read"
},
{
"name": "http2writeData.String"
},
{
"name": "initALPNRequest.ServeHTTP"
},
{
"name": "loggingConn.Close"
},
{
"name": "loggingConn.Read"
},
{
"name": "loggingConn.Write"
},
{
"name": "maxBytesReader.Close"
},
{
"name": "maxBytesReader.Read"
},
{
"name": "onceCloseListener.Close"
},
{
"name": "persistConn.Read"
},
{
"name": "persistConnWriter.ReadFrom"
},
{
"name": "persistConnWriter.Write"
},
{
"name": "populateResponse.Write"
},
{
"name": "populateResponse.WriteHeader"
},
{
"name": "readTrackingBody.Close"
},
{
"name": "readTrackingBody.Read"
},
{
"name": "readWriteCloserBody.Read"
},
{
"name": "redirectHandler.ServeHTTP"
},
{
"name": "response.Flush"
},
{
"name": "response.FlushError"
},
{
"name": "response.Hijack"
},
{
"name": "response.ReadFrom"
},
{
"name": "response.Write"
},
{
"name": "response.WriteHeader"
},
{
"name": "response.WriteString"
},
{
"name": "serverHandler.ServeHTTP"
},
{
"name": "socksDialer.DialWithConn"
},
{
"name": "socksUsernamePassword.Authenticate"
},
{
"name": "stringWriter.WriteString"
},
{
"name": "timeoutHandler.ServeHTTP"
},
{
"name": "timeoutWriter.Write"
},
{
"name": "timeoutWriter.WriteHeader"
},
{
"name": "transportReadFromServerError.Error"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.21.9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.22.2",
"status": "affected",
"version": "1.22.0-0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/http2",
"product": "golang.org/x/net/http2",
"programRoutines": [
{
"name": "Framer.readMetaFrame"
},
{
"name": "ClientConn.Close"
},
{
"name": "ClientConn.Ping"
},
{
"name": "ClientConn.RoundTrip"
},
{
"name": "ClientConn.Shutdown"
},
{
"name": "ConfigureServer"
},
{
"name": "ConfigureTransport"
},
{
"name": "ConfigureTransports"
},
{
"name": "ConnectionError.Error"
},
{
"name": "ErrCode.String"
},
{
"name": "FrameHeader.String"
},
{
"name": "FrameType.String"
},
{
"name": "FrameWriteRequest.String"
},
{
"name": "Framer.ReadFrame"
},
{
"name": "Framer.WriteContinuation"
},
{
"name": "Framer.WriteData"
},
{
"name": "Framer.WriteDataPadded"
},
{
"name": "Framer.WriteGoAway"
},
{
"name": "Framer.WriteHeaders"
},
{
"name": "Framer.WritePing"
},
{
"name": "Framer.WritePriority"
},
{
"name": "Framer.WritePushPromise"
},
{
"name": "Framer.WriteRSTStream"
},
{
"name": "Framer.WriteRawFrame"
},
{
"name": "Framer.WriteSettings"
},
{
"name": "Framer.WriteSettingsAck"
},
{
"name": "Framer.WriteWindowUpdate"
},
{
"name": "GoAwayError.Error"
},
{
"name": "ReadFrameHeader"
},
{
"name": "Server.ServeConn"
},
{
"name": "Setting.String"
},
{
"name": "SettingID.String"
},
{
"name": "SettingsFrame.ForeachSetting"
},
{
"name": "StreamError.Error"
},
{
"name": "Transport.CloseIdleConnections"
},
{
"name": "Transport.NewClientConn"
},
{
"name": "Transport.RoundTrip"
},
{
"name": "Transport.RoundTripOpt"
},
{
"name": "bufferedWriter.Flush"
},
{
"name": "bufferedWriter.Write"
},
{
"name": "chunkWriter.Write"
},
{
"name": "clientConnPool.GetClientConn"
},
{
"name": "connError.Error"
},
{
"name": "dataBuffer.Read"
},
{
"name": "duplicatePseudoHeaderError.Error"
},
{
"name": "gzipReader.Close"
},
{
"name": "gzipReader.Read"
},
{
"name": "headerFieldNameError.Error"
},
{
"name": "headerFieldValueError.Error"
},
{
"name": "noDialClientConnPool.GetClientConn"
},
{
"name": "noDialH2RoundTripper.RoundTrip"
},
{
"name": "pipe.Read"
},
{
"name": "priorityWriteScheduler.CloseStream"
},
{
"name": "priorityWriteScheduler.OpenStream"
},
{
"name": "pseudoHeaderError.Error"
},
{
"name": "requestBody.Close"
},
{
"name": "requestBody.Read"
},
{
"name": "responseWriter.Flush"
},
{
"name": "responseWriter.FlushError"
},
{
"name": "responseWriter.Push"
},
{
"name": "responseWriter.SetReadDeadline"
},
{
"name": "responseWriter.SetWriteDeadline"
},
{
"name": "responseWriter.Write"
},
{
"name": "responseWriter.WriteHeader"
},
{
"name": "responseWriter.WriteString"
},
{
"name": "roundRobinWriteScheduler.OpenStream"
},
{
"name": "serverConn.CloseConn"
},
{
"name": "serverConn.Flush"
},
{
"name": "stickyErrWriter.Write"
},
{
"name": "transportResponseBody.Close"
},
{
"name": "transportResponseBody.Read"
},
{
"name": "writeData.String"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.23.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Bartek Nowotarski (https://nowotarski.info/)"
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T17:10:07.754Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/65051"
},
{
"url": "https://go.dev/cl/576155"
},
{
"url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M"
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240419-0009/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/05/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/03/16"
}
],
"title": "HTTP/2 CONTINUATION flood in net/http"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2023-45288",
"datePublished": "2024-04-04T20:37:30.714Z",
"dateReserved": "2023-10-06T17:06:26.221Z",
"dateUpdated": "2025-11-04T18:17:43.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-45288",
"date": "2026-06-20",
"epss": "0.91969",
"percentile": "0.99806"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.\"}, {\"lang\": \"es\", \"value\": \"Un atacante puede hacer que un endpoint HTTP/2 lea cantidades arbitrarias de datos de encabezado enviando una cantidad excesiva de tramas de CONTINUACI\\u00d3N. Mantener el estado de HPACK requiere analizar y procesar todos los encabezados y tramas de CONTINUACI\\u00d3N en una conexi\\u00f3n. Cuando los encabezados de una solicitud exceden MaxHeaderBytes, no se asigna memoria para almacenar los encabezados sobrantes, pero a\\u00fan as\\u00ed se analizan. Esto permite a un atacante hacer que un endpoint HTTP/2 lea cantidades arbitrarias de datos de encabezado, todos asociados con una solicitud que ser\\u00e1 rechazada. Estos encabezados pueden incluir datos codificados por Huffman, cuya decodificaci\\u00f3n es significativamente m\\u00e1s costosa para el receptor que para el atacante. La soluci\\u00f3n establece un l\\u00edmite en la cantidad de fotogramas de encabezado excedentes que procesaremos antes de cerrar una conexi\\u00f3n.\"}]",
"id": "CVE-2023-45288",
"lastModified": "2024-11-21T08:26:42.380",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2024-04-04T21:15:16.113",
"references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/03/16\", \"source\": \"security@golang.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/05/4\", \"source\": \"security@golang.org\"}, {\"url\": \"https://go.dev/cl/576155\", \"source\": \"security@golang.org\"}, {\"url\": \"https://go.dev/issue/65051\", \"source\": \"security@golang.org\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M\", \"source\": \"security@golang.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/\", \"source\": \"security@golang.org\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-2687\", \"source\": \"security@golang.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240419-0009/\", \"source\": \"security@golang.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/03/16\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/05/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://go.dev/cl/576155\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://go.dev/issue/65051\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-2687\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240419-0009/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "security@golang.org",
"vulnStatus": "Awaiting Analysis"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-45288\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2024-04-04T21:15:16.113\",\"lastModified\":\"2025-11-04T19:16:01.263\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.\"},{\"lang\":\"es\",\"value\":\"Un atacante puede hacer que un endpoint HTTP/2 lea cantidades arbitrarias de datos de encabezado enviando una cantidad excesiva de tramas de CONTINUACI\u00d3N. Mantener el estado de HPACK requiere analizar y procesar todos los encabezados y tramas de CONTINUACI\u00d3N en una conexi\u00f3n. Cuando los encabezados de una solicitud exceden MaxHeaderBytes, no se asigna memoria para almacenar los encabezados sobrantes, pero a\u00fan as\u00ed se analizan. Esto permite a un atacante hacer que un endpoint HTTP/2 lea cantidades arbitrarias de datos de encabezado, todos asociados con una solicitud que ser\u00e1 rechazada. Estos encabezados pueden incluir datos codificados por Huffman, cuya decodificaci\u00f3n es significativamente m\u00e1s costosa para el receptor que para el atacante. La soluci\u00f3n establece un l\u00edmite en la cantidad de fotogramas de encabezado excedentes que procesaremos antes de cerrar una conexi\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2024/04/03/16\",\"source\":\"security@golang.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/04/05/4\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/cl/576155\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/issue/65051\",\"source\":\"security@golang.org\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2024-2687\",\"source\":\"security@golang.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240419-0009/\",\"source\":\"security@golang.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/04/03/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/04/05/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://go.dev/cl/576155\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://go.dev/issue/65051\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2024-2687\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240419-0009/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.kb.cert.org/vuls/id/421644\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://go.dev/issue/65051\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://go.dev/cl/576155\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-2687\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240419-0009/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/05/4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/03/16\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/421644\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T18:17:43.583Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-45288\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-05T17:08:42.212936Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:go_standard_library:net\\\\/http:*:*:*:*:*:*:*:*\"], \"vendor\": \"go_standard_library\", \"product\": \"net\\\\/http\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.21.9\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.22.0-0\", \"lessThan\": \"1.22.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:golang:http2:*:*:*:*:*:*:*:*\"], \"vendor\": \"golang\", \"product\": \"http2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.23.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-26T20:39:55.687Z\"}}], \"cna\": {\"title\": \"HTTP/2 CONTINUATION flood in net/http\", \"credits\": [{\"lang\": \"en\", \"value\": \"Bartek Nowotarski (https://nowotarski.info/)\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"net/http\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.21.9\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.22.0-0\", \"lessThan\": \"1.22.2\", \"versionType\": \"semver\"}], \"packageName\": \"net/http\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"http2Framer.readMetaFrame\"}, {\"name\": \"CanonicalHeaderKey\"}, {\"name\": \"Client.CloseIdleConnections\"}, {\"name\": \"Client.Do\"}, {\"name\": \"Client.Get\"}, {\"name\": \"Client.Head\"}, {\"name\": \"Client.Post\"}, {\"name\": \"Client.PostForm\"}, {\"name\": \"Cookie.String\"}, {\"name\": \"Cookie.Valid\"}, {\"name\": \"Dir.Open\"}, {\"name\": \"Error\"}, {\"name\": \"Get\"}, {\"name\": \"HandlerFunc.ServeHTTP\"}, {\"name\": \"Head\"}, {\"name\": \"Header.Add\"}, {\"name\": \"Header.Del\"}, {\"name\": \"Header.Get\"}, {\"name\": \"Header.Set\"}, {\"name\": \"Header.Values\"}, {\"name\": \"Header.Write\"}, {\"name\": \"Header.WriteSubset\"}, {\"name\": \"ListenAndServe\"}, {\"name\": \"ListenAndServeTLS\"}, {\"name\": \"NewRequest\"}, {\"name\": \"NewRequestWithContext\"}, {\"name\": \"NotFound\"}, {\"name\": \"ParseTime\"}, {\"name\": \"Post\"}, {\"name\": \"PostForm\"}, {\"name\": \"ProxyFromEnvironment\"}, {\"name\": \"ReadRequest\"}, {\"name\": \"ReadResponse\"}, {\"name\": \"Redirect\"}, {\"name\": \"Request.AddCookie\"}, {\"name\": \"Request.BasicAuth\"}, {\"name\": \"Request.FormFile\"}, {\"name\": \"Request.FormValue\"}, {\"name\": \"Request.MultipartReader\"}, {\"name\": \"Request.ParseForm\"}, {\"name\": \"Request.ParseMultipartForm\"}, {\"name\": \"Request.PostFormValue\"}, {\"name\": \"Request.Referer\"}, {\"name\": \"Request.SetBasicAuth\"}, {\"name\": \"Request.UserAgent\"}, {\"name\": \"Request.Write\"}, {\"name\": \"Request.WriteProxy\"}, {\"name\": \"Response.Cookies\"}, {\"name\": \"Response.Location\"}, {\"name\": \"Response.Write\"}, {\"name\": \"ResponseController.EnableFullDuplex\"}, {\"name\": \"ResponseController.Flush\"}, {\"name\": \"ResponseController.Hijack\"}, {\"name\": \"ResponseController.SetReadDeadline\"}, {\"name\": \"ResponseController.SetWriteDeadline\"}, {\"name\": \"Serve\"}, {\"name\": \"ServeContent\"}, {\"name\": \"ServeFile\"}, {\"name\": \"ServeMux.ServeHTTP\"}, {\"name\": \"ServeTLS\"}, {\"name\": \"Server.Close\"}, {\"name\": \"Server.ListenAndServe\"}, {\"name\": \"Server.ListenAndServeTLS\"}, {\"name\": \"Server.Serve\"}, {\"name\": \"Server.ServeTLS\"}, {\"name\": \"Server.SetKeepAlivesEnabled\"}, {\"name\": \"Server.Shutdown\"}, {\"name\": \"SetCookie\"}, {\"name\": \"Transport.CancelRequest\"}, {\"name\": \"Transport.Clone\"}, {\"name\": \"Transport.CloseIdleConnections\"}, {\"name\": \"Transport.RoundTrip\"}, {\"name\": \"body.Close\"}, {\"name\": \"body.Read\"}, {\"name\": \"bodyEOFSignal.Close\"}, {\"name\": \"bodyEOFSignal.Read\"}, {\"name\": \"bodyLocked.Read\"}, {\"name\": \"bufioFlushWriter.Write\"}, {\"name\": \"cancelTimerBody.Close\"}, {\"name\": \"cancelTimerBody.Read\"}, {\"name\": \"checkConnErrorWriter.Write\"}, {\"name\": \"chunkWriter.Write\"}, {\"name\": \"connReader.Read\"}, {\"name\": \"connectMethodKey.String\"}, {\"name\": \"expectContinueReader.Close\"}, {\"name\": \"expectContinueReader.Read\"}, {\"name\": \"extraHeader.Write\"}, {\"name\": \"fileHandler.ServeHTTP\"}, {\"name\": \"fileTransport.RoundTrip\"}, {\"name\": \"globalOptionsHandler.ServeHTTP\"}, {\"name\": \"gzipReader.Close\"}, {\"name\": \"gzipReader.Read\"}, {\"name\": \"http2ClientConn.Close\"}, {\"name\": \"http2ClientConn.Ping\"}, {\"name\": \"http2ClientConn.RoundTrip\"}, {\"name\": \"http2ClientConn.Shutdown\"}, {\"name\": \"http2ConnectionError.Error\"}, {\"name\": \"http2ErrCode.String\"}, {\"name\": \"http2FrameHeader.String\"}, {\"name\": \"http2FrameType.String\"}, {\"name\": \"http2FrameWriteRequest.String\"}, {\"name\": \"http2Framer.ReadFrame\"}, {\"name\": \"http2Framer.WriteContinuation\"}, {\"name\": \"http2Framer.WriteData\"}, {\"name\": \"http2Framer.WriteDataPadded\"}, {\"name\": \"http2Framer.WriteGoAway\"}, {\"name\": \"http2Framer.WriteHeaders\"}, {\"name\": \"http2Framer.WritePing\"}, {\"name\": \"http2Framer.WritePriority\"}, {\"name\": \"http2Framer.WritePushPromise\"}, {\"name\": \"http2Framer.WriteRSTStream\"}, {\"name\": \"http2Framer.WriteRawFrame\"}, {\"name\": \"http2Framer.WriteSettings\"}, {\"name\": \"http2Framer.WriteSettingsAck\"}, {\"name\": \"http2Framer.WriteWindowUpdate\"}, {\"name\": \"http2GoAwayError.Error\"}, {\"name\": \"http2Server.ServeConn\"}, {\"name\": \"http2Setting.String\"}, {\"name\": \"http2SettingID.String\"}, {\"name\": \"http2SettingsFrame.ForeachSetting\"}, {\"name\": \"http2StreamError.Error\"}, {\"name\": \"http2Transport.CloseIdleConnections\"}, {\"name\": \"http2Transport.NewClientConn\"}, {\"name\": \"http2Transport.RoundTrip\"}, {\"name\": \"http2Transport.RoundTripOpt\"}, {\"name\": \"http2bufferedWriter.Flush\"}, {\"name\": \"http2bufferedWriter.Write\"}, {\"name\": \"http2chunkWriter.Write\"}, {\"name\": \"http2clientConnPool.GetClientConn\"}, {\"name\": \"http2connError.Error\"}, {\"name\": \"http2dataBuffer.Read\"}, {\"name\": \"http2duplicatePseudoHeaderError.Error\"}, {\"name\": \"http2gzipReader.Close\"}, {\"name\": \"http2gzipReader.Read\"}, {\"name\": \"http2headerFieldNameError.Error\"}, {\"name\": \"http2headerFieldValueError.Error\"}, {\"name\": \"http2noDialClientConnPool.GetClientConn\"}, {\"name\": \"http2noDialH2RoundTripper.RoundTrip\"}, {\"name\": \"http2pipe.Read\"}, {\"name\": \"http2priorityWriteScheduler.CloseStream\"}, {\"name\": \"http2priorityWriteScheduler.OpenStream\"}, {\"name\": \"http2pseudoHeaderError.Error\"}, {\"name\": \"http2requestBody.Close\"}, {\"name\": \"http2requestBody.Read\"}, {\"name\": \"http2responseWriter.Flush\"}, {\"name\": \"http2responseWriter.FlushError\"}, {\"name\": \"http2responseWriter.Push\"}, {\"name\": \"http2responseWriter.SetReadDeadline\"}, {\"name\": \"http2responseWriter.SetWriteDeadline\"}, {\"name\": \"http2responseWriter.Write\"}, {\"name\": \"http2responseWriter.WriteHeader\"}, {\"name\": \"http2responseWriter.WriteString\"}, {\"name\": \"http2roundRobinWriteScheduler.OpenStream\"}, {\"name\": \"http2serverConn.CloseConn\"}, {\"name\": \"http2serverConn.Flush\"}, {\"name\": \"http2stickyErrWriter.Write\"}, {\"name\": \"http2transportResponseBody.Close\"}, {\"name\": \"http2transportResponseBody.Read\"}, {\"name\": \"http2writeData.String\"}, {\"name\": \"initALPNRequest.ServeHTTP\"}, {\"name\": \"loggingConn.Close\"}, {\"name\": \"loggingConn.Read\"}, {\"name\": \"loggingConn.Write\"}, {\"name\": \"maxBytesReader.Close\"}, {\"name\": \"maxBytesReader.Read\"}, {\"name\": \"onceCloseListener.Close\"}, {\"name\": \"persistConn.Read\"}, {\"name\": \"persistConnWriter.ReadFrom\"}, {\"name\": \"persistConnWriter.Write\"}, {\"name\": \"populateResponse.Write\"}, {\"name\": \"populateResponse.WriteHeader\"}, {\"name\": \"readTrackingBody.Close\"}, {\"name\": \"readTrackingBody.Read\"}, {\"name\": \"readWriteCloserBody.Read\"}, {\"name\": \"redirectHandler.ServeHTTP\"}, {\"name\": \"response.Flush\"}, {\"name\": \"response.FlushError\"}, {\"name\": \"response.Hijack\"}, {\"name\": \"response.ReadFrom\"}, {\"name\": \"response.Write\"}, {\"name\": \"response.WriteHeader\"}, {\"name\": \"response.WriteString\"}, {\"name\": \"serverHandler.ServeHTTP\"}, {\"name\": \"socksDialer.DialWithConn\"}, {\"name\": \"socksUsernamePassword.Authenticate\"}, {\"name\": \"stringWriter.WriteString\"}, {\"name\": \"timeoutHandler.ServeHTTP\"}, {\"name\": \"timeoutWriter.Write\"}, {\"name\": \"timeoutWriter.WriteHeader\"}, {\"name\": \"transportReadFromServerError.Error\"}]}, {\"vendor\": \"golang.org/x/net\", \"product\": \"golang.org/x/net/http2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.23.0\", \"versionType\": \"semver\"}], \"packageName\": \"golang.org/x/net/http2\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Framer.readMetaFrame\"}, {\"name\": \"ClientConn.Close\"}, {\"name\": \"ClientConn.Ping\"}, {\"name\": \"ClientConn.RoundTrip\"}, {\"name\": \"ClientConn.Shutdown\"}, {\"name\": \"ConfigureServer\"}, {\"name\": \"ConfigureTransport\"}, {\"name\": \"ConfigureTransports\"}, {\"name\": \"ConnectionError.Error\"}, {\"name\": \"ErrCode.String\"}, {\"name\": \"FrameHeader.String\"}, {\"name\": \"FrameType.String\"}, {\"name\": \"FrameWriteRequest.String\"}, {\"name\": \"Framer.ReadFrame\"}, {\"name\": \"Framer.WriteContinuation\"}, {\"name\": \"Framer.WriteData\"}, {\"name\": \"Framer.WriteDataPadded\"}, {\"name\": \"Framer.WriteGoAway\"}, {\"name\": \"Framer.WriteHeaders\"}, {\"name\": \"Framer.WritePing\"}, {\"name\": \"Framer.WritePriority\"}, {\"name\": \"Framer.WritePushPromise\"}, {\"name\": \"Framer.WriteRSTStream\"}, {\"name\": \"Framer.WriteRawFrame\"}, {\"name\": \"Framer.WriteSettings\"}, {\"name\": \"Framer.WriteSettingsAck\"}, {\"name\": \"Framer.WriteWindowUpdate\"}, {\"name\": \"GoAwayError.Error\"}, {\"name\": \"ReadFrameHeader\"}, {\"name\": \"Server.ServeConn\"}, {\"name\": \"Setting.String\"}, {\"name\": \"SettingID.String\"}, {\"name\": \"SettingsFrame.ForeachSetting\"}, {\"name\": \"StreamError.Error\"}, {\"name\": \"Transport.CloseIdleConnections\"}, {\"name\": \"Transport.NewClientConn\"}, {\"name\": \"Transport.RoundTrip\"}, {\"name\": \"Transport.RoundTripOpt\"}, {\"name\": \"bufferedWriter.Flush\"}, {\"name\": \"bufferedWriter.Write\"}, {\"name\": \"chunkWriter.Write\"}, {\"name\": \"clientConnPool.GetClientConn\"}, {\"name\": \"connError.Error\"}, {\"name\": \"dataBuffer.Read\"}, {\"name\": \"duplicatePseudoHeaderError.Error\"}, {\"name\": \"gzipReader.Close\"}, {\"name\": \"gzipReader.Read\"}, {\"name\": \"headerFieldNameError.Error\"}, {\"name\": \"headerFieldValueError.Error\"}, {\"name\": \"noDialClientConnPool.GetClientConn\"}, {\"name\": \"noDialH2RoundTripper.RoundTrip\"}, {\"name\": \"pipe.Read\"}, {\"name\": \"priorityWriteScheduler.CloseStream\"}, {\"name\": \"priorityWriteScheduler.OpenStream\"}, {\"name\": \"pseudoHeaderError.Error\"}, {\"name\": \"requestBody.Close\"}, {\"name\": \"requestBody.Read\"}, {\"name\": \"responseWriter.Flush\"}, {\"name\": \"responseWriter.FlushError\"}, {\"name\": \"responseWriter.Push\"}, {\"name\": \"responseWriter.SetReadDeadline\"}, {\"name\": \"responseWriter.SetWriteDeadline\"}, {\"name\": \"responseWriter.Write\"}, {\"name\": \"responseWriter.WriteHeader\"}, {\"name\": \"responseWriter.WriteString\"}, {\"name\": \"roundRobinWriteScheduler.OpenStream\"}, {\"name\": \"serverConn.CloseConn\"}, {\"name\": \"serverConn.Flush\"}, {\"name\": \"stickyErrWriter.Write\"}, {\"name\": \"transportResponseBody.Close\"}, {\"name\": \"transportResponseBody.Read\"}, {\"name\": \"writeData.String\"}]}], \"references\": [{\"url\": \"https://go.dev/issue/65051\"}, {\"url\": \"https://go.dev/cl/576155\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-2687\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240419-0009/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/05/4\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/03/16\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2024-05-01T17:10:07.754Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-45288\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T18:17:43.583Z\", \"dateReserved\": \"2023-10-06T17:06:26.221Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2024-04-04T20:37:30.714Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2024:2892
Vulnerability from csaf_redhat - Published: 2024-05-20 10:31 - Updated: 2026-06-02 15:09Summary
Red Hat Security Advisory: go-toolset-1.19-golang security update
Severity
Important
Notes
Topic: An update for go-toolset-1.19-golang is now available for Red Hat Developer Tools.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
10 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for go-toolset-1.19-golang is now available for Red Hat Developer Tools.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2892",
"url": "https://access.redhat.com/errata/RHSA-2024:2892"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2892.json"
}
],
"title": "Red Hat Security Advisory: go-toolset-1.19-golang security update",
"tracking": {
"current_release_date": "2026-06-02T15:09:35+00:00",
"generator": {
"date": "2026-06-02T15:09:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:2892",
"initial_release_date": "2024-05-20T10:31:07+00:00",
"revision_history": [
{
"date": "2024-05-20T10:31:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-20T10:31:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:09:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:devtools:2023::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:devtools:2023::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Developer Tools"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.src",
"product": {
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.src",
"product_id": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang@1.19.13-7.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64",
"product": {
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64",
"product_id": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang@1.19.13-7.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64",
"product": {
"name": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64",
"product_id": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-bin@1.19.13-7.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64",
"product": {
"name": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64",
"product_id": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-misc@1.19.13-7.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64",
"product": {
"name": "go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64",
"product_id": "go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-race@1.19.13-7.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64",
"product": {
"name": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64",
"product_id": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-src@1.19.13-7.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64",
"product": {
"name": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64",
"product_id": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-tests@1.19.13-7.el7_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x",
"product": {
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x",
"product_id": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang@1.19.13-7.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x",
"product": {
"name": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x",
"product_id": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-bin@1.19.13-7.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x",
"product": {
"name": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x",
"product_id": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-misc@1.19.13-7.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x",
"product": {
"name": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x",
"product_id": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-src@1.19.13-7.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x",
"product": {
"name": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x",
"product_id": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-tests@1.19.13-7.el7_9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le",
"product_id": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang@1.19.13-7.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le",
"product_id": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-bin@1.19.13-7.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le",
"product_id": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-misc@1.19.13-7.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le",
"product_id": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-src@1.19.13-7.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le",
"product_id": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-tests@1.19.13-7.el7_9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch",
"product": {
"name": "go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch",
"product_id": "go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.19-golang-docs@1.19.13-7.el7_9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x"
},
"product_reference": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.src as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.src"
},
"product_reference": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.src",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64"
},
"product_reference": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x"
},
"product_reference": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64"
},
"product_reference": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch"
},
"product_reference": "go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x"
},
"product_reference": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64"
},
"product_reference": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64"
},
"product_reference": "go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x"
},
"product_reference": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64"
},
"product_reference": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x"
},
"product_reference": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64"
},
"product_reference": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x"
},
"product_reference": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.src as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.src"
},
"product_reference": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.src",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64"
},
"product_reference": "go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x"
},
"product_reference": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64"
},
"product_reference": "go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch"
},
"product_reference": "go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x"
},
"product_reference": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64"
},
"product_reference": "go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64"
},
"product_reference": "go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x"
},
"product_reference": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64"
},
"product_reference": "go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x"
},
"product_reference": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64"
},
"product_reference": "go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2023.2"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.src",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.src",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-20T10:31:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.src",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.src",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2892"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.src",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.src",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.src",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x",
"7Server-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.src",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-bin-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-docs-0:1.19.13-7.el7_9.noarch",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-misc-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-race-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-src-0:1.19.13-7.el7_9.x86_64",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.ppc64le",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.s390x",
"7Workstation-DevTools-2023.2:go-toolset-1.19-golang-tests-0:1.19.13-7.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
}
]
}
RHSA-2024:2901
Vulnerability from csaf_redhat - Published: 2024-05-23 14:09 - Updated: 2026-06-20 13:29Summary
Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.12.1-394 Security Update
Severity
Low
Notes
Topic: Custom Metrics Autoscaler Operator for Red Hat OpenShift including security
updates.
The following updates for the Custom Metric Autoscaler operator for Red Hat
OpenShift are now available:
* custom-metrics-autoscaler-adapter-container
* custom-metrics-autoscaler-admission-webhooks-container
* custom-metrics-autoscaler-container
* custom-metrics-autoscaler-operator-bundle-container
* custom-metrics-autoscaler-operator-container
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The Custom Metrics Autoscaler Operator for Red Hat OpenShift is an optional
operator, based on the Kubernetes Event Driven Autoscaler (KEDA), which allows
workloads to be scaled using additional metrics sources other than pod metrics.
This release builds upon updated compiler, runtime library, and base images for
the purpose of resolving any potential security issues present in previous
toolset versions.
This version makes use of newer tools and libraries to address the following
issues:
golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)
golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
golang: html/template: errors returned from MarshalJSON methods may break template escaping (CVE-2024-24785)
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783)
golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)
golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (CVE-2023-45289)
This release is based upon KEDA 2.12.1
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in Go's net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
5.3 (Medium)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was discovered in Go's net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.
5.3 (Medium)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.
5.9 (Medium)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go's html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into templates.
6.5 (Medium)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.
5.9 (Medium)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
47 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Custom Metrics Autoscaler Operator for Red Hat OpenShift including security\nupdates.\n\nThe following updates for the Custom Metric Autoscaler operator for Red Hat\nOpenShift are now available:\n\n* custom-metrics-autoscaler-adapter-container\n* custom-metrics-autoscaler-admission-webhooks-container\n* custom-metrics-autoscaler-container\n* custom-metrics-autoscaler-operator-bundle-container\n* custom-metrics-autoscaler-operator-container\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Custom Metrics Autoscaler Operator for Red Hat OpenShift is an optional\noperator, based on the Kubernetes Event Driven Autoscaler (KEDA), which allows\nworkloads to be scaled using additional metrics sources other than pod metrics.\nThis release builds upon updated compiler, runtime library, and base images for\nthe purpose of resolving any potential security issues present in previous\ntoolset versions.\n\nThis version makes use of newer tools and libraries to address the following\nissues:\ngolang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)\ngolang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)\ngolang: html/template: errors returned from MarshalJSON methods may break template escaping (CVE-2024-24785)\ngolang: crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783)\ngolang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)\ngolang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (CVE-2023-45289)\n\nThis release is based upon KEDA 2.12.1",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2901",
"url": "https://access.redhat.com/errata/RHSA-2024:2901"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2901.json"
}
],
"title": "Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.12.1-394 Security Update",
"tracking": {
"current_release_date": "2026-06-20T13:29:27+00:00",
"generator": {
"date": "2026-06-20T13:29:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2024:2901",
"initial_release_date": "2024-05-23T14:09:31+00:00",
"revision_history": [
{
"date": "2024-05-23T14:09:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-23T14:09:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-20T13:29:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Custom Metrics Autoscaler 2",
"product": {
"name": "OpenShift Custom Metrics Autoscaler 2",
"product_id": "8Base-OCMA-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.0::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Custom Metrics Autoscaler"
},
{
"branches": [
{
"category": "product_version",
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"product": {
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"product_id": "custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8\u0026tag=2.12.1-394"
}
}
},
{
"category": "product_version",
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"product": {
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"product_id": "custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8\u0026tag=2.12.1-394"
}
}
},
{
"category": "product_version",
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64",
"product": {
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64",
"product_id": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8\u0026tag=2.12.1-394"
}
}
},
{
"category": "product_version",
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"product": {
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"product_id": "custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle\u0026tag=2.12.1-394"
}
}
},
{
"category": "product_version",
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"product": {
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"product_id": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator\u0026tag=2.12.1-394"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64 as a component of OpenShift Custom Metrics Autoscaler 2",
"product_id": "8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64"
},
"product_reference": "custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"relates_to_product_reference": "8Base-OCMA-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64 as a component of OpenShift Custom Metrics Autoscaler 2",
"product_id": "8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64"
},
"product_reference": "custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"relates_to_product_reference": "8Base-OCMA-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64 as a component of OpenShift Custom Metrics Autoscaler 2",
"product_id": "8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64"
},
"product_reference": "custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"relates_to_product_reference": "8Base-OCMA-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64 as a component of OpenShift Custom Metrics Autoscaler 2",
"product_id": "8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64"
},
"product_reference": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"relates_to_product_reference": "8Base-OCMA-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64 as a component of OpenShift Custom Metrics Autoscaler 2",
"product_id": "8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
},
"product_reference": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64",
"relates_to_product_reference": "8Base-OCMA-2"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-23T14:09:31+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2901"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
},
{
"cve": "CVE-2023-45289",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45289"
},
{
"category": "external",
"summary": "RHBZ#2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-23T14:09:31+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect"
},
{
"cve": "CVE-2023-45290",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268017"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Go\u0027s net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45290"
},
{
"category": "external",
"summary": "RHBZ#2268017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268017"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://go.dev/cl/569341",
"url": "https://go.dev/cl/569341"
},
{
"category": "external",
"summary": "https://go.dev/issue/65383",
"url": "https://go.dev/issue/65383"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2599",
"url": "https://pkg.go.dev/vuln/GO-2024-2599"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0004",
"url": "https://security.netapp.com/advisory/ntap-20240329-0004"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-23T14:09:31+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm"
},
{
"cve": "CVE-2024-24783",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268019"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24783"
},
{
"category": "external",
"summary": "RHBZ#2268019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp",
"url": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp"
},
{
"category": "external",
"summary": "https://go.dev/cl/569339",
"url": "https://go.dev/cl/569339"
},
{
"category": "external",
"summary": "https://go.dev/issue/65390",
"url": "https://go.dev/issue/65390"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2598",
"url": "https://pkg.go.dev/vuln/GO-2024-2598"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0005",
"url": "https://security.netapp.com/advisory/ntap-20240329-0005"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-23T14:09:31+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm"
},
{
"cve": "CVE-2024-24785",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into templates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: errors returned from MarshalJSON methods may break template escaping",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24785"
},
{
"category": "external",
"summary": "RHBZ#2268022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785"
},
{
"category": "external",
"summary": "https://go.dev/cl/564196",
"url": "https://go.dev/cl/564196"
},
{
"category": "external",
"summary": "https://go.dev/issue/65697",
"url": "https://go.dev/issue/65697"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2024-2610.json",
"url": "https://vuln.go.dev/ID/GO-2024-2610.json"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-23T14:09:31+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: errors returned from MarshalJSON methods may break template escaping"
},
{
"cve": "CVE-2024-24786",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268046"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24786"
},
{
"category": "external",
"summary": "RHBZ#2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"category": "external",
"summary": "https://go.dev/cl/569356",
"url": "https://go.dev/cl/569356"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
"url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2611",
"url": "https://pkg.go.dev/vuln/GO-2024-2611"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-23T14:09:31+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2901"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8@sha256:1b0955076b99b7b240ef4baf55c079a8bba0d779fff6828e9acae70f4c71ad2b_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8@sha256:cd17032a683ebcdee0a8566e9427cc4e20eaa7413489dc2f9739bb1338c4c4a1_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:b37be6f77b561de87de3a1678ac59edf6fc56fac6eabb86d767013ba5beca423_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator@sha256:de412b59e51684011b87900b31c46b04ef7b3f82b17ec65c9606b5d493aa8a69_amd64",
"8Base-OCMA-2:custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8@sha256:0a3f76360bc53346024baad729ee588e5bf8f616bfcdc31ebbe7772060ecd380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
}
]
}
RHSA-2024:2929
Vulnerability from csaf_redhat - Published: 2024-05-23 06:49 - Updated: 2026-06-02 15:09Summary
Red Hat Security Advisory: logging for Red Hat OpenShift security update
Severity
Important
Notes
Topic: An update is now available for RHOL-5.6-RHEL-8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: TODO: add package description
Security Fix(es):
* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
63 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:1ac77ae26db0a0a62541ea3997d43d06b6b77cba6b3cbb62630723d731c088c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:187ac933f9ec7661a44a7170f57af98e3f603cff7104ec1aa4f9d64ca38f4565_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:26a2c965d80a687efe8abf20098574eced63d33b113426bbf02676a91cdaec81_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:771510bc988b79286869d5f501e7361191c0199650dd2875a967580b526db3aa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c0ab5ca070538ba1c929ae859394d469365d880ada0406c58aba47cd570b166b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:d1882ce4aceb2915b624f244b43fcf27f310a6627b255e7a39d76cd8bcb4fbbb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:00ffe6bcfecf07a92b3b22c1f4ae4bd081f58d60bd287e30bfbaff9db4e08e2d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:16d87d17f2ccf3037a159c4a1edf6d0e0b9af5adc8da9b4f2081f5b34c8d8928_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:35e0f2f958eca2c6c65a400311aaedc892c50b308e19b444b81a5c34152cee1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:71e60f43eab5c3fca8122a52147454cdeea5ba09e4c5b93266e5c3732f377126_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:3284a445ea1ee777dd791ce9ade976d0979bebc7d2ef1b8ee12d7e2a8975beb6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34b8995031ebf6931fc37bdb64e4ce4216d1d2a3acb810c8541c6d9b65eb0b12_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f61bed36d93956fd0b3df02c59a6c1d33dab7ec1334bd87d5b269d2abca3b326_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:ff38f506b00322fcd78007ce2513f0c3600d4d4169764c871f43969e034d3c69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:21861eedf299ea5f07d11d99f9b99802c10ea6a3931af7eba877ba1785d8974f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:627aba20bdc63c6bd13283f8344287b0a92368278420979ad751afb20863c073_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:ac0d3928b83b4cfcbd49f1ea3f2347be12bf36ac7a7da23bde1104a53191ef8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:b2d4561100b8cd912b6b2a2b3a3ca377292dccddfa7b062c23af0eef8299b99b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:5c2bdd7799a419af2f06c6ade1ee9ea60294c7cad77d9163de893217b64dc1a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:7a4366860941e811490e2e6a649dd313ead6ca69d0b08861f939f757d6504fae_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:86c2b052511d23f1dcff7c4c1b5d72248f5636faa3baf621f6b39eae658c6bd0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fe28b07cef0691d423ad05f9142300203c685bc641530f786173a81593824926_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:21654d3ae2805214b7972948bd18eb13fcdedbe7d0e7700c31e4e70df8e8fb18_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:52c9edc1fbcf08202c53ef031afa5cfaf84a921d9400f2b0cd6a52ff95be4258_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:a6cc4bec652f78b4e4af1a3f3a4d598037ff160525d44f8c365b296d5dcca163_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:b530551aa7b4c0ea3d52ea7dbb396ab333ca955e26366d72d0c7f807cecf697d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:1439553e1abf56115e66b3a1184ccde547bf7b7a94e908db77efabbd310bdb5d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:2bee7d13eca0139913259bf33107eb595fd8c8e6e2cb4f1b279c9679c62689bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e1d5ccd9faf1b9c39d686973387d690b91d3ca8177011b7886192ec273311057_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f3e507281e863f20d31a12c743b01b9764a3d33d629783067840f906d72b1103_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:0d4b324a4726c9a495c8f3f6334b101a8630d5643e2a24ecf1f9976beeb987aa_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:66cd147e89ba7287512118d4a7fa001d3d1bb5817ba86977cb732fab449de53f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:c32bca1304d02c125fb7cc0442e6582cdd0e2bbf86a2c74c166265ea186508a8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:d34eef63fa54e8de1d9d5bbf94ce8e876909337b1430537090c48dc4c6196d58_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:22822ecca302baaff118b6f10e55044d0cf5140ceace7881f6985da1f407898c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:7098187caace8bbc42fdbbbf4ec34872a0a3d113e82e808b4a0d74103bc76439_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:c75535b311bcbee9253369cb0f86277af3d7e929913b1cf53536bfec5d6b771d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f8021819435b40b8187238ecbddfbfa4b9d9e06269e1b52362dec424dcd5cea1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:371692f70ccc31947a29a32d17a865e142c17dbc89b0fb83cc54beb488fa566a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:7829acc341ae10b835888a680c203b1057347527f46f101cc0c1cca3617c57c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a242ba080079d36da742db65dc80a72d0209a4c403c05bd35fdb3fae830a5f32_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:ba73a21803df6f0516658bd30dd24e9ec4a948ccb955d36cb38365bbc112e4bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:492a612f8d74cd4843e540e6778d256ab7a696bca923989c7241f20f18e68327_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:741c99f5624d8928ce46acab54dde7eb61451813fbed26bd5509bb1e66b22091_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:8d15598e7c617bac67d0027749c3d1fa930e5b0c328c2595db45e236296376ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:e50274625e0bf0e1eafb2053604951460842d416a71ea1185a457a98acaa9457_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:dfeb444503ad0b421cd951f9f66eba001e3b1ac8a01060c2cb5c04be5c5e0290_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:4417fd2330dfd900f650ecd3521a6e0bee06ae0ac76cb9d7016608bd9fb9ff23_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:9cde0eade0281c238cf8d9741f482ab65ef2e73394369f7bd5e9247989698ede_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e7867bb0ccdb9a4010d54b0c70530ac6c0419f59e6d259ad58c8d2399a366488_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ec15e5b8266d016bc5843d3df51c8c539153dccd4225a369ee203e16e47cc276_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:34a2ce3aec49a14f2311223d65ea002606384c3336e2403c8234d4ff1196e9e1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:78813f44da05bcd9326f038b868aa8545e96a58a5d7a53a5cf9852ce410ef981_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:8ce58b5d08047ef3ea19c2a05dc19d818dd86d05f100b34f23eac2a25c9f2572_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a1bdf15d3ee379f7addd6bc8edd1f77fa8cf55f6a64034331ab8f901026c8a8f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:376d2b1d7202a3fd04669ec138917a3fe37590a36bc78dcf3398fd997d6d610a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:a0d73b892a19d6ece140fe2469b7c02d92a49d6dbabcbe22deae602a60c34ff8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b587aa9eaf4f41f61bd010d1def0f5254379a93f71705e9d46269f4dfa3375fd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e7ae951caf6df4cbf86c22efab1114e18ea4fca6c44a6f2b98f209688eb3c85e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:01b00bac7593528af137f5d8903d0a9e2aeeab9aec851d3e9894c2eedc1427d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:91476c44682f82e16db0960fab216f5d1e506f4f9e1b71c32160e81eaf222002_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:b9de3ad2251161e7e127d39527c93a684b7e8b1e4e39ed987270628180eac113_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:cf252ac88ea891642e1dd6377fa7e312a5a652c4bdf8829700b18fd8b1ef37c5_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
12 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for RHOL-5.6-RHEL-8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "TODO: add package description\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2929",
"url": "https://access.redhat.com/errata/RHSA-2024:2929"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "LOG-5529",
"url": "https://issues.redhat.com/browse/LOG-5529"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2929.json"
}
],
"title": "Red Hat Security Advisory: logging for Red Hat OpenShift security update",
"tracking": {
"current_release_date": "2026-06-02T15:09:36+00:00",
"generator": {
"date": "2026-06-02T15:09:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:2929",
"initial_release_date": "2024-05-23T06:49:37+00:00",
"revision_history": [
{
"date": "2024-05-23T06:49:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-23T06:49:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:09:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.6 for RHEL 8",
"product": {
"name": "RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.6::el8"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:26a2c965d80a687efe8abf20098574eced63d33b113426bbf02676a91cdaec81_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:26a2c965d80a687efe8abf20098574eced63d33b113426bbf02676a91cdaec81_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:26a2c965d80a687efe8abf20098574eced63d33b113426bbf02676a91cdaec81_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:26a2c965d80a687efe8abf20098574eced63d33b113426bbf02676a91cdaec81?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.19-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:3284a445ea1ee777dd791ce9ade976d0979bebc7d2ef1b8ee12d7e2a8975beb6_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:3284a445ea1ee777dd791ce9ade976d0979bebc7d2ef1b8ee12d7e2a8975beb6_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:3284a445ea1ee777dd791ce9ade976d0979bebc7d2ef1b8ee12d7e2a8975beb6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:3284a445ea1ee777dd791ce9ade976d0979bebc7d2ef1b8ee12d7e2a8975beb6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.19-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:35e0f2f958eca2c6c65a400311aaedc892c50b308e19b444b81a5c34152cee1e_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:35e0f2f958eca2c6c65a400311aaedc892c50b308e19b444b81a5c34152cee1e_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:35e0f2f958eca2c6c65a400311aaedc892c50b308e19b444b81a5c34152cee1e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:35e0f2f958eca2c6c65a400311aaedc892c50b308e19b444b81a5c34152cee1e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-486"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:0d4b324a4726c9a495c8f3f6334b101a8630d5643e2a24ecf1f9976beeb987aa_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:0d4b324a4726c9a495c8f3f6334b101a8630d5643e2a24ecf1f9976beeb987aa_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:0d4b324a4726c9a495c8f3f6334b101a8630d5643e2a24ecf1f9976beeb987aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:0d4b324a4726c9a495c8f3f6334b101a8630d5643e2a24ecf1f9976beeb987aa?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-234"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:c75535b311bcbee9253369cb0f86277af3d7e929913b1cf53536bfec5d6b771d_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:c75535b311bcbee9253369cb0f86277af3d7e929913b1cf53536bfec5d6b771d_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:c75535b311bcbee9253369cb0f86277af3d7e929913b1cf53536bfec5d6b771d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:c75535b311bcbee9253369cb0f86277af3d7e929913b1cf53536bfec5d6b771d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-476"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:ac0d3928b83b4cfcbd49f1ea3f2347be12bf36ac7a7da23bde1104a53191ef8e_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:ac0d3928b83b4cfcbd49f1ea3f2347be12bf36ac7a7da23bde1104a53191ef8e_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:ac0d3928b83b4cfcbd49f1ea3f2347be12bf36ac7a7da23bde1104a53191ef8e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:ac0d3928b83b4cfcbd49f1ea3f2347be12bf36ac7a7da23bde1104a53191ef8e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-414"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:7a4366860941e811490e2e6a649dd313ead6ca69d0b08861f939f757d6504fae_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:7a4366860941e811490e2e6a649dd313ead6ca69d0b08861f939f757d6504fae_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:7a4366860941e811490e2e6a649dd313ead6ca69d0b08861f939f757d6504fae_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:7a4366860941e811490e2e6a649dd313ead6ca69d0b08861f939f757d6504fae?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-254"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:52c9edc1fbcf08202c53ef031afa5cfaf84a921d9400f2b0cd6a52ff95be4258_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:52c9edc1fbcf08202c53ef031afa5cfaf84a921d9400f2b0cd6a52ff95be4258_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:52c9edc1fbcf08202c53ef031afa5cfaf84a921d9400f2b0cd6a52ff95be4258_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:52c9edc1fbcf08202c53ef031afa5cfaf84a921d9400f2b0cd6a52ff95be4258?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-217"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:f3e507281e863f20d31a12c743b01b9764a3d33d629783067840f906d72b1103_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:f3e507281e863f20d31a12c743b01b9764a3d33d629783067840f906d72b1103_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:f3e507281e863f20d31a12c743b01b9764a3d33d629783067840f906d72b1103_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:f3e507281e863f20d31a12c743b01b9764a3d33d629783067840f906d72b1103?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-435"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:ba73a21803df6f0516658bd30dd24e9ec4a948ccb955d36cb38365bbc112e4bc_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:ba73a21803df6f0516658bd30dd24e9ec4a948ccb955d36cb38365bbc112e4bc_s390x",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:ba73a21803df6f0516658bd30dd24e9ec4a948ccb955d36cb38365bbc112e4bc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:ba73a21803df6f0516658bd30dd24e9ec4a948ccb955d36cb38365bbc112e4bc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.8-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:cf252ac88ea891642e1dd6377fa7e312a5a652c4bdf8829700b18fd8b1ef37c5_s390x",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:cf252ac88ea891642e1dd6377fa7e312a5a652c4bdf8829700b18fd8b1ef37c5_s390x",
"product_id": "openshift-logging/vector-rhel8@sha256:cf252ac88ea891642e1dd6377fa7e312a5a652c4bdf8829700b18fd8b1ef37c5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:cf252ac88ea891642e1dd6377fa7e312a5a652c4bdf8829700b18fd8b1ef37c5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-128"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:492a612f8d74cd4843e540e6778d256ab7a696bca923989c7241f20f18e68327_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:492a612f8d74cd4843e540e6778d256ab7a696bca923989c7241f20f18e68327_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:492a612f8d74cd4843e540e6778d256ab7a696bca923989c7241f20f18e68327_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:492a612f8d74cd4843e540e6778d256ab7a696bca923989c7241f20f18e68327?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.19-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:ec15e5b8266d016bc5843d3df51c8c539153dccd4225a369ee203e16e47cc276_s390x",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:ec15e5b8266d016bc5843d3df51c8c539153dccd4225a369ee203e16e47cc276_s390x",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:ec15e5b8266d016bc5843d3df51c8c539153dccd4225a369ee203e16e47cc276_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:ec15e5b8266d016bc5843d3df51c8c539153dccd4225a369ee203e16e47cc276?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.19-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:78813f44da05bcd9326f038b868aa8545e96a58a5d7a53a5cf9852ce410ef981_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:78813f44da05bcd9326f038b868aa8545e96a58a5d7a53a5cf9852ce410ef981_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:78813f44da05bcd9326f038b868aa8545e96a58a5d7a53a5cf9852ce410ef981_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:78813f44da05bcd9326f038b868aa8545e96a58a5d7a53a5cf9852ce410ef981?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-546"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:b587aa9eaf4f41f61bd010d1def0f5254379a93f71705e9d46269f4dfa3375fd_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:b587aa9eaf4f41f61bd010d1def0f5254379a93f71705e9d46269f4dfa3375fd_s390x",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:b587aa9eaf4f41f61bd010d1def0f5254379a93f71705e9d46269f4dfa3375fd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:b587aa9eaf4f41f61bd010d1def0f5254379a93f71705e9d46269f4dfa3375fd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-239"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:771510bc988b79286869d5f501e7361191c0199650dd2875a967580b526db3aa_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:771510bc988b79286869d5f501e7361191c0199650dd2875a967580b526db3aa_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:771510bc988b79286869d5f501e7361191c0199650dd2875a967580b526db3aa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:771510bc988b79286869d5f501e7361191c0199650dd2875a967580b526db3aa?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.19-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:1ac77ae26db0a0a62541ea3997d43d06b6b77cba6b3cbb62630723d731c088c1_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:1ac77ae26db0a0a62541ea3997d43d06b6b77cba6b3cbb62630723d731c088c1_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:1ac77ae26db0a0a62541ea3997d43d06b6b77cba6b3cbb62630723d731c088c1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:1ac77ae26db0a0a62541ea3997d43d06b6b77cba6b3cbb62630723d731c088c1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.6.19-13"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:34b8995031ebf6931fc37bdb64e4ce4216d1d2a3acb810c8541c6d9b65eb0b12_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:34b8995031ebf6931fc37bdb64e4ce4216d1d2a3acb810c8541c6d9b65eb0b12_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:34b8995031ebf6931fc37bdb64e4ce4216d1d2a3acb810c8541c6d9b65eb0b12_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:34b8995031ebf6931fc37bdb64e4ce4216d1d2a3acb810c8541c6d9b65eb0b12?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.19-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:d1882ce4aceb2915b624f244b43fcf27f310a6627b255e7a39d76cd8bcb4fbbb_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:d1882ce4aceb2915b624f244b43fcf27f310a6627b255e7a39d76cd8bcb4fbbb_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:d1882ce4aceb2915b624f244b43fcf27f310a6627b255e7a39d76cd8bcb4fbbb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:d1882ce4aceb2915b624f244b43fcf27f310a6627b255e7a39d76cd8bcb4fbbb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.6.19-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:16d87d17f2ccf3037a159c4a1edf6d0e0b9af5adc8da9b4f2081f5b34c8d8928_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:16d87d17f2ccf3037a159c4a1edf6d0e0b9af5adc8da9b4f2081f5b34c8d8928_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:16d87d17f2ccf3037a159c4a1edf6d0e0b9af5adc8da9b4f2081f5b34c8d8928_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:16d87d17f2ccf3037a159c4a1edf6d0e0b9af5adc8da9b4f2081f5b34c8d8928?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-486"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d34eef63fa54e8de1d9d5bbf94ce8e876909337b1430537090c48dc4c6196d58_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d34eef63fa54e8de1d9d5bbf94ce8e876909337b1430537090c48dc4c6196d58_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d34eef63fa54e8de1d9d5bbf94ce8e876909337b1430537090c48dc4c6196d58_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:d34eef63fa54e8de1d9d5bbf94ce8e876909337b1430537090c48dc4c6196d58?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-234"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:f8021819435b40b8187238ecbddfbfa4b9d9e06269e1b52362dec424dcd5cea1_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:f8021819435b40b8187238ecbddfbfa4b9d9e06269e1b52362dec424dcd5cea1_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:f8021819435b40b8187238ecbddfbfa4b9d9e06269e1b52362dec424dcd5cea1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:f8021819435b40b8187238ecbddfbfa4b9d9e06269e1b52362dec424dcd5cea1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-476"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:627aba20bdc63c6bd13283f8344287b0a92368278420979ad751afb20863c073_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:627aba20bdc63c6bd13283f8344287b0a92368278420979ad751afb20863c073_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:627aba20bdc63c6bd13283f8344287b0a92368278420979ad751afb20863c073_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:627aba20bdc63c6bd13283f8344287b0a92368278420979ad751afb20863c073?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-414"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:5c2bdd7799a419af2f06c6ade1ee9ea60294c7cad77d9163de893217b64dc1a5_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:5c2bdd7799a419af2f06c6ade1ee9ea60294c7cad77d9163de893217b64dc1a5_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:5c2bdd7799a419af2f06c6ade1ee9ea60294c7cad77d9163de893217b64dc1a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:5c2bdd7799a419af2f06c6ade1ee9ea60294c7cad77d9163de893217b64dc1a5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-254"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:21654d3ae2805214b7972948bd18eb13fcdedbe7d0e7700c31e4e70df8e8fb18_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:21654d3ae2805214b7972948bd18eb13fcdedbe7d0e7700c31e4e70df8e8fb18_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:21654d3ae2805214b7972948bd18eb13fcdedbe7d0e7700c31e4e70df8e8fb18_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:21654d3ae2805214b7972948bd18eb13fcdedbe7d0e7700c31e4e70df8e8fb18?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-217"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:e1d5ccd9faf1b9c39d686973387d690b91d3ca8177011b7886192ec273311057_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:e1d5ccd9faf1b9c39d686973387d690b91d3ca8177011b7886192ec273311057_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:e1d5ccd9faf1b9c39d686973387d690b91d3ca8177011b7886192ec273311057_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:e1d5ccd9faf1b9c39d686973387d690b91d3ca8177011b7886192ec273311057?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-435"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:a242ba080079d36da742db65dc80a72d0209a4c403c05bd35fdb3fae830a5f32_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:a242ba080079d36da742db65dc80a72d0209a4c403c05bd35fdb3fae830a5f32_amd64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:a242ba080079d36da742db65dc80a72d0209a4c403c05bd35fdb3fae830a5f32_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:a242ba080079d36da742db65dc80a72d0209a4c403c05bd35fdb3fae830a5f32?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.8-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:01b00bac7593528af137f5d8903d0a9e2aeeab9aec851d3e9894c2eedc1427d6_amd64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:01b00bac7593528af137f5d8903d0a9e2aeeab9aec851d3e9894c2eedc1427d6_amd64",
"product_id": "openshift-logging/vector-rhel8@sha256:01b00bac7593528af137f5d8903d0a9e2aeeab9aec851d3e9894c2eedc1427d6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:01b00bac7593528af137f5d8903d0a9e2aeeab9aec851d3e9894c2eedc1427d6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-128"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:741c99f5624d8928ce46acab54dde7eb61451813fbed26bd5509bb1e66b22091_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:741c99f5624d8928ce46acab54dde7eb61451813fbed26bd5509bb1e66b22091_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:741c99f5624d8928ce46acab54dde7eb61451813fbed26bd5509bb1e66b22091_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:741c99f5624d8928ce46acab54dde7eb61451813fbed26bd5509bb1e66b22091?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.19-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:dfeb444503ad0b421cd951f9f66eba001e3b1ac8a01060c2cb5c04be5c5e0290_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:dfeb444503ad0b421cd951f9f66eba001e3b1ac8a01060c2cb5c04be5c5e0290_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:dfeb444503ad0b421cd951f9f66eba001e3b1ac8a01060c2cb5c04be5c5e0290_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:dfeb444503ad0b421cd951f9f66eba001e3b1ac8a01060c2cb5c04be5c5e0290?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.6.19-16"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:e7867bb0ccdb9a4010d54b0c70530ac6c0419f59e6d259ad58c8d2399a366488_amd64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:e7867bb0ccdb9a4010d54b0c70530ac6c0419f59e6d259ad58c8d2399a366488_amd64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:e7867bb0ccdb9a4010d54b0c70530ac6c0419f59e6d259ad58c8d2399a366488_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:e7867bb0ccdb9a4010d54b0c70530ac6c0419f59e6d259ad58c8d2399a366488?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.19-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:a1bdf15d3ee379f7addd6bc8edd1f77fa8cf55f6a64034331ab8f901026c8a8f_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:a1bdf15d3ee379f7addd6bc8edd1f77fa8cf55f6a64034331ab8f901026c8a8f_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:a1bdf15d3ee379f7addd6bc8edd1f77fa8cf55f6a64034331ab8f901026c8a8f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:a1bdf15d3ee379f7addd6bc8edd1f77fa8cf55f6a64034331ab8f901026c8a8f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-546"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:e7ae951caf6df4cbf86c22efab1114e18ea4fca6c44a6f2b98f209688eb3c85e_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:e7ae951caf6df4cbf86c22efab1114e18ea4fca6c44a6f2b98f209688eb3c85e_amd64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:e7ae951caf6df4cbf86c22efab1114e18ea4fca6c44a6f2b98f209688eb3c85e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:e7ae951caf6df4cbf86c22efab1114e18ea4fca6c44a6f2b98f209688eb3c85e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-239"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:187ac933f9ec7661a44a7170f57af98e3f603cff7104ec1aa4f9d64ca38f4565_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:187ac933f9ec7661a44a7170f57af98e3f603cff7104ec1aa4f9d64ca38f4565_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:187ac933f9ec7661a44a7170f57af98e3f603cff7104ec1aa4f9d64ca38f4565_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:187ac933f9ec7661a44a7170f57af98e3f603cff7104ec1aa4f9d64ca38f4565?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.19-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ff38f506b00322fcd78007ce2513f0c3600d4d4169764c871f43969e034d3c69_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ff38f506b00322fcd78007ce2513f0c3600d4d4169764c871f43969e034d3c69_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:ff38f506b00322fcd78007ce2513f0c3600d4d4169764c871f43969e034d3c69_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:ff38f506b00322fcd78007ce2513f0c3600d4d4169764c871f43969e034d3c69?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.19-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:71e60f43eab5c3fca8122a52147454cdeea5ba09e4c5b93266e5c3732f377126_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:71e60f43eab5c3fca8122a52147454cdeea5ba09e4c5b93266e5c3732f377126_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:71e60f43eab5c3fca8122a52147454cdeea5ba09e4c5b93266e5c3732f377126_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:71e60f43eab5c3fca8122a52147454cdeea5ba09e4c5b93266e5c3732f377126?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-486"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:66cd147e89ba7287512118d4a7fa001d3d1bb5817ba86977cb732fab449de53f_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:66cd147e89ba7287512118d4a7fa001d3d1bb5817ba86977cb732fab449de53f_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:66cd147e89ba7287512118d4a7fa001d3d1bb5817ba86977cb732fab449de53f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:66cd147e89ba7287512118d4a7fa001d3d1bb5817ba86977cb732fab449de53f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-234"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:7098187caace8bbc42fdbbbf4ec34872a0a3d113e82e808b4a0d74103bc76439_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7098187caace8bbc42fdbbbf4ec34872a0a3d113e82e808b4a0d74103bc76439_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:7098187caace8bbc42fdbbbf4ec34872a0a3d113e82e808b4a0d74103bc76439_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:7098187caace8bbc42fdbbbf4ec34872a0a3d113e82e808b4a0d74103bc76439?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-476"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:b2d4561100b8cd912b6b2a2b3a3ca377292dccddfa7b062c23af0eef8299b99b_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:b2d4561100b8cd912b6b2a2b3a3ca377292dccddfa7b062c23af0eef8299b99b_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:b2d4561100b8cd912b6b2a2b3a3ca377292dccddfa7b062c23af0eef8299b99b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:b2d4561100b8cd912b6b2a2b3a3ca377292dccddfa7b062c23af0eef8299b99b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-414"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:fe28b07cef0691d423ad05f9142300203c685bc641530f786173a81593824926_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:fe28b07cef0691d423ad05f9142300203c685bc641530f786173a81593824926_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:fe28b07cef0691d423ad05f9142300203c685bc641530f786173a81593824926_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:fe28b07cef0691d423ad05f9142300203c685bc641530f786173a81593824926?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-254"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:b530551aa7b4c0ea3d52ea7dbb396ab333ca955e26366d72d0c7f807cecf697d_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:b530551aa7b4c0ea3d52ea7dbb396ab333ca955e26366d72d0c7f807cecf697d_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:b530551aa7b4c0ea3d52ea7dbb396ab333ca955e26366d72d0c7f807cecf697d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:b530551aa7b4c0ea3d52ea7dbb396ab333ca955e26366d72d0c7f807cecf697d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-217"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:1439553e1abf56115e66b3a1184ccde547bf7b7a94e908db77efabbd310bdb5d_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:1439553e1abf56115e66b3a1184ccde547bf7b7a94e908db77efabbd310bdb5d_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:1439553e1abf56115e66b3a1184ccde547bf7b7a94e908db77efabbd310bdb5d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:1439553e1abf56115e66b3a1184ccde547bf7b7a94e908db77efabbd310bdb5d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-435"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:371692f70ccc31947a29a32d17a865e142c17dbc89b0fb83cc54beb488fa566a_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:371692f70ccc31947a29a32d17a865e142c17dbc89b0fb83cc54beb488fa566a_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:371692f70ccc31947a29a32d17a865e142c17dbc89b0fb83cc54beb488fa566a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:371692f70ccc31947a29a32d17a865e142c17dbc89b0fb83cc54beb488fa566a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.8-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:91476c44682f82e16db0960fab216f5d1e506f4f9e1b71c32160e81eaf222002_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:91476c44682f82e16db0960fab216f5d1e506f4f9e1b71c32160e81eaf222002_ppc64le",
"product_id": "openshift-logging/vector-rhel8@sha256:91476c44682f82e16db0960fab216f5d1e506f4f9e1b71c32160e81eaf222002_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:91476c44682f82e16db0960fab216f5d1e506f4f9e1b71c32160e81eaf222002?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-128"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:e50274625e0bf0e1eafb2053604951460842d416a71ea1185a457a98acaa9457_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:e50274625e0bf0e1eafb2053604951460842d416a71ea1185a457a98acaa9457_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:e50274625e0bf0e1eafb2053604951460842d416a71ea1185a457a98acaa9457_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:e50274625e0bf0e1eafb2053604951460842d416a71ea1185a457a98acaa9457?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.19-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:9cde0eade0281c238cf8d9741f482ab65ef2e73394369f7bd5e9247989698ede_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:9cde0eade0281c238cf8d9741f482ab65ef2e73394369f7bd5e9247989698ede_ppc64le",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:9cde0eade0281c238cf8d9741f482ab65ef2e73394369f7bd5e9247989698ede_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:9cde0eade0281c238cf8d9741f482ab65ef2e73394369f7bd5e9247989698ede?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.19-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:34a2ce3aec49a14f2311223d65ea002606384c3336e2403c8234d4ff1196e9e1_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:34a2ce3aec49a14f2311223d65ea002606384c3336e2403c8234d4ff1196e9e1_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:34a2ce3aec49a14f2311223d65ea002606384c3336e2403c8234d4ff1196e9e1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:34a2ce3aec49a14f2311223d65ea002606384c3336e2403c8234d4ff1196e9e1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-546"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:376d2b1d7202a3fd04669ec138917a3fe37590a36bc78dcf3398fd997d6d610a_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:376d2b1d7202a3fd04669ec138917a3fe37590a36bc78dcf3398fd997d6d610a_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:376d2b1d7202a3fd04669ec138917a3fe37590a36bc78dcf3398fd997d6d610a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:376d2b1d7202a3fd04669ec138917a3fe37590a36bc78dcf3398fd997d6d610a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-239"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c0ab5ca070538ba1c929ae859394d469365d880ada0406c58aba47cd570b166b_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c0ab5ca070538ba1c929ae859394d469365d880ada0406c58aba47cd570b166b_arm64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:c0ab5ca070538ba1c929ae859394d469365d880ada0406c58aba47cd570b166b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:c0ab5ca070538ba1c929ae859394d469365d880ada0406c58aba47cd570b166b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.19-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f61bed36d93956fd0b3df02c59a6c1d33dab7ec1334bd87d5b269d2abca3b326_arm64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f61bed36d93956fd0b3df02c59a6c1d33dab7ec1334bd87d5b269d2abca3b326_arm64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:f61bed36d93956fd0b3df02c59a6c1d33dab7ec1334bd87d5b269d2abca3b326_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:f61bed36d93956fd0b3df02c59a6c1d33dab7ec1334bd87d5b269d2abca3b326?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.19-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:00ffe6bcfecf07a92b3b22c1f4ae4bd081f58d60bd287e30bfbaff9db4e08e2d_arm64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:00ffe6bcfecf07a92b3b22c1f4ae4bd081f58d60bd287e30bfbaff9db4e08e2d_arm64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:00ffe6bcfecf07a92b3b22c1f4ae4bd081f58d60bd287e30bfbaff9db4e08e2d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:00ffe6bcfecf07a92b3b22c1f4ae4bd081f58d60bd287e30bfbaff9db4e08e2d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-486"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c32bca1304d02c125fb7cc0442e6582cdd0e2bbf86a2c74c166265ea186508a8_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c32bca1304d02c125fb7cc0442e6582cdd0e2bbf86a2c74c166265ea186508a8_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c32bca1304d02c125fb7cc0442e6582cdd0e2bbf86a2c74c166265ea186508a8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:c32bca1304d02c125fb7cc0442e6582cdd0e2bbf86a2c74c166265ea186508a8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-234"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:22822ecca302baaff118b6f10e55044d0cf5140ceace7881f6985da1f407898c_arm64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:22822ecca302baaff118b6f10e55044d0cf5140ceace7881f6985da1f407898c_arm64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:22822ecca302baaff118b6f10e55044d0cf5140ceace7881f6985da1f407898c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:22822ecca302baaff118b6f10e55044d0cf5140ceace7881f6985da1f407898c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-476"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:21861eedf299ea5f07d11d99f9b99802c10ea6a3931af7eba877ba1785d8974f_arm64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:21861eedf299ea5f07d11d99f9b99802c10ea6a3931af7eba877ba1785d8974f_arm64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:21861eedf299ea5f07d11d99f9b99802c10ea6a3931af7eba877ba1785d8974f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:21861eedf299ea5f07d11d99f9b99802c10ea6a3931af7eba877ba1785d8974f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-414"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:86c2b052511d23f1dcff7c4c1b5d72248f5636faa3baf621f6b39eae658c6bd0_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:86c2b052511d23f1dcff7c4c1b5d72248f5636faa3baf621f6b39eae658c6bd0_arm64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:86c2b052511d23f1dcff7c4c1b5d72248f5636faa3baf621f6b39eae658c6bd0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:86c2b052511d23f1dcff7c4c1b5d72248f5636faa3baf621f6b39eae658c6bd0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-254"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:a6cc4bec652f78b4e4af1a3f3a4d598037ff160525d44f8c365b296d5dcca163_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:a6cc4bec652f78b4e4af1a3f3a4d598037ff160525d44f8c365b296d5dcca163_arm64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:a6cc4bec652f78b4e4af1a3f3a4d598037ff160525d44f8c365b296d5dcca163_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:a6cc4bec652f78b4e4af1a3f3a4d598037ff160525d44f8c365b296d5dcca163?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-217"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:2bee7d13eca0139913259bf33107eb595fd8c8e6e2cb4f1b279c9679c62689bf_arm64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:2bee7d13eca0139913259bf33107eb595fd8c8e6e2cb4f1b279c9679c62689bf_arm64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:2bee7d13eca0139913259bf33107eb595fd8c8e6e2cb4f1b279c9679c62689bf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:2bee7d13eca0139913259bf33107eb595fd8c8e6e2cb4f1b279c9679c62689bf?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-435"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:7829acc341ae10b835888a680c203b1057347527f46f101cc0c1cca3617c57c7_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:7829acc341ae10b835888a680c203b1057347527f46f101cc0c1cca3617c57c7_arm64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:7829acc341ae10b835888a680c203b1057347527f46f101cc0c1cca3617c57c7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:7829acc341ae10b835888a680c203b1057347527f46f101cc0c1cca3617c57c7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.8-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:b9de3ad2251161e7e127d39527c93a684b7e8b1e4e39ed987270628180eac113_arm64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:b9de3ad2251161e7e127d39527c93a684b7e8b1e4e39ed987270628180eac113_arm64",
"product_id": "openshift-logging/vector-rhel8@sha256:b9de3ad2251161e7e127d39527c93a684b7e8b1e4e39ed987270628180eac113_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:b9de3ad2251161e7e127d39527c93a684b7e8b1e4e39ed987270628180eac113?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-128"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:8d15598e7c617bac67d0027749c3d1fa930e5b0c328c2595db45e236296376ba_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:8d15598e7c617bac67d0027749c3d1fa930e5b0c328c2595db45e236296376ba_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:8d15598e7c617bac67d0027749c3d1fa930e5b0c328c2595db45e236296376ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:8d15598e7c617bac67d0027749c3d1fa930e5b0c328c2595db45e236296376ba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.19-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:4417fd2330dfd900f650ecd3521a6e0bee06ae0ac76cb9d7016608bd9fb9ff23_arm64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:4417fd2330dfd900f650ecd3521a6e0bee06ae0ac76cb9d7016608bd9fb9ff23_arm64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:4417fd2330dfd900f650ecd3521a6e0bee06ae0ac76cb9d7016608bd9fb9ff23_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:4417fd2330dfd900f650ecd3521a6e0bee06ae0ac76cb9d7016608bd9fb9ff23?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.19-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:8ce58b5d08047ef3ea19c2a05dc19d818dd86d05f100b34f23eac2a25c9f2572_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:8ce58b5d08047ef3ea19c2a05dc19d818dd86d05f100b34f23eac2a25c9f2572_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:8ce58b5d08047ef3ea19c2a05dc19d818dd86d05f100b34f23eac2a25c9f2572_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:8ce58b5d08047ef3ea19c2a05dc19d818dd86d05f100b34f23eac2a25c9f2572?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-546"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:a0d73b892a19d6ece140fe2469b7c02d92a49d6dbabcbe22deae602a60c34ff8_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:a0d73b892a19d6ece140fe2469b7c02d92a49d6dbabcbe22deae602a60c34ff8_arm64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:a0d73b892a19d6ece140fe2469b7c02d92a49d6dbabcbe22deae602a60c34ff8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:a0d73b892a19d6ece140fe2469b7c02d92a49d6dbabcbe22deae602a60c34ff8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-239"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:1ac77ae26db0a0a62541ea3997d43d06b6b77cba6b3cbb62630723d731c088c1_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:1ac77ae26db0a0a62541ea3997d43d06b6b77cba6b3cbb62630723d731c088c1_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:1ac77ae26db0a0a62541ea3997d43d06b6b77cba6b3cbb62630723d731c088c1_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:187ac933f9ec7661a44a7170f57af98e3f603cff7104ec1aa4f9d64ca38f4565_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:187ac933f9ec7661a44a7170f57af98e3f603cff7104ec1aa4f9d64ca38f4565_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:187ac933f9ec7661a44a7170f57af98e3f603cff7104ec1aa4f9d64ca38f4565_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:26a2c965d80a687efe8abf20098574eced63d33b113426bbf02676a91cdaec81_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:26a2c965d80a687efe8abf20098574eced63d33b113426bbf02676a91cdaec81_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:26a2c965d80a687efe8abf20098574eced63d33b113426bbf02676a91cdaec81_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:771510bc988b79286869d5f501e7361191c0199650dd2875a967580b526db3aa_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:771510bc988b79286869d5f501e7361191c0199650dd2875a967580b526db3aa_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:771510bc988b79286869d5f501e7361191c0199650dd2875a967580b526db3aa_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c0ab5ca070538ba1c929ae859394d469365d880ada0406c58aba47cd570b166b_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c0ab5ca070538ba1c929ae859394d469365d880ada0406c58aba47cd570b166b_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:c0ab5ca070538ba1c929ae859394d469365d880ada0406c58aba47cd570b166b_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:d1882ce4aceb2915b624f244b43fcf27f310a6627b255e7a39d76cd8bcb4fbbb_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:d1882ce4aceb2915b624f244b43fcf27f310a6627b255e7a39d76cd8bcb4fbbb_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:d1882ce4aceb2915b624f244b43fcf27f310a6627b255e7a39d76cd8bcb4fbbb_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:00ffe6bcfecf07a92b3b22c1f4ae4bd081f58d60bd287e30bfbaff9db4e08e2d_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:00ffe6bcfecf07a92b3b22c1f4ae4bd081f58d60bd287e30bfbaff9db4e08e2d_arm64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:00ffe6bcfecf07a92b3b22c1f4ae4bd081f58d60bd287e30bfbaff9db4e08e2d_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:16d87d17f2ccf3037a159c4a1edf6d0e0b9af5adc8da9b4f2081f5b34c8d8928_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:16d87d17f2ccf3037a159c4a1edf6d0e0b9af5adc8da9b4f2081f5b34c8d8928_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:16d87d17f2ccf3037a159c4a1edf6d0e0b9af5adc8da9b4f2081f5b34c8d8928_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:35e0f2f958eca2c6c65a400311aaedc892c50b308e19b444b81a5c34152cee1e_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:35e0f2f958eca2c6c65a400311aaedc892c50b308e19b444b81a5c34152cee1e_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:35e0f2f958eca2c6c65a400311aaedc892c50b308e19b444b81a5c34152cee1e_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:71e60f43eab5c3fca8122a52147454cdeea5ba09e4c5b93266e5c3732f377126_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:71e60f43eab5c3fca8122a52147454cdeea5ba09e4c5b93266e5c3732f377126_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:71e60f43eab5c3fca8122a52147454cdeea5ba09e4c5b93266e5c3732f377126_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:3284a445ea1ee777dd791ce9ade976d0979bebc7d2ef1b8ee12d7e2a8975beb6_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:3284a445ea1ee777dd791ce9ade976d0979bebc7d2ef1b8ee12d7e2a8975beb6_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:3284a445ea1ee777dd791ce9ade976d0979bebc7d2ef1b8ee12d7e2a8975beb6_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:34b8995031ebf6931fc37bdb64e4ce4216d1d2a3acb810c8541c6d9b65eb0b12_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34b8995031ebf6931fc37bdb64e4ce4216d1d2a3acb810c8541c6d9b65eb0b12_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:34b8995031ebf6931fc37bdb64e4ce4216d1d2a3acb810c8541c6d9b65eb0b12_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f61bed36d93956fd0b3df02c59a6c1d33dab7ec1334bd87d5b269d2abca3b326_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f61bed36d93956fd0b3df02c59a6c1d33dab7ec1334bd87d5b269d2abca3b326_arm64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:f61bed36d93956fd0b3df02c59a6c1d33dab7ec1334bd87d5b269d2abca3b326_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ff38f506b00322fcd78007ce2513f0c3600d4d4169764c871f43969e034d3c69_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:ff38f506b00322fcd78007ce2513f0c3600d4d4169764c871f43969e034d3c69_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:ff38f506b00322fcd78007ce2513f0c3600d4d4169764c871f43969e034d3c69_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:21861eedf299ea5f07d11d99f9b99802c10ea6a3931af7eba877ba1785d8974f_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:21861eedf299ea5f07d11d99f9b99802c10ea6a3931af7eba877ba1785d8974f_arm64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:21861eedf299ea5f07d11d99f9b99802c10ea6a3931af7eba877ba1785d8974f_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:627aba20bdc63c6bd13283f8344287b0a92368278420979ad751afb20863c073_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:627aba20bdc63c6bd13283f8344287b0a92368278420979ad751afb20863c073_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:627aba20bdc63c6bd13283f8344287b0a92368278420979ad751afb20863c073_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:ac0d3928b83b4cfcbd49f1ea3f2347be12bf36ac7a7da23bde1104a53191ef8e_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:ac0d3928b83b4cfcbd49f1ea3f2347be12bf36ac7a7da23bde1104a53191ef8e_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:ac0d3928b83b4cfcbd49f1ea3f2347be12bf36ac7a7da23bde1104a53191ef8e_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:b2d4561100b8cd912b6b2a2b3a3ca377292dccddfa7b062c23af0eef8299b99b_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:b2d4561100b8cd912b6b2a2b3a3ca377292dccddfa7b062c23af0eef8299b99b_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:b2d4561100b8cd912b6b2a2b3a3ca377292dccddfa7b062c23af0eef8299b99b_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:5c2bdd7799a419af2f06c6ade1ee9ea60294c7cad77d9163de893217b64dc1a5_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:5c2bdd7799a419af2f06c6ade1ee9ea60294c7cad77d9163de893217b64dc1a5_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:5c2bdd7799a419af2f06c6ade1ee9ea60294c7cad77d9163de893217b64dc1a5_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:7a4366860941e811490e2e6a649dd313ead6ca69d0b08861f939f757d6504fae_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:7a4366860941e811490e2e6a649dd313ead6ca69d0b08861f939f757d6504fae_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:7a4366860941e811490e2e6a649dd313ead6ca69d0b08861f939f757d6504fae_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:86c2b052511d23f1dcff7c4c1b5d72248f5636faa3baf621f6b39eae658c6bd0_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:86c2b052511d23f1dcff7c4c1b5d72248f5636faa3baf621f6b39eae658c6bd0_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:86c2b052511d23f1dcff7c4c1b5d72248f5636faa3baf621f6b39eae658c6bd0_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:fe28b07cef0691d423ad05f9142300203c685bc641530f786173a81593824926_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fe28b07cef0691d423ad05f9142300203c685bc641530f786173a81593824926_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:fe28b07cef0691d423ad05f9142300203c685bc641530f786173a81593824926_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:21654d3ae2805214b7972948bd18eb13fcdedbe7d0e7700c31e4e70df8e8fb18_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:21654d3ae2805214b7972948bd18eb13fcdedbe7d0e7700c31e4e70df8e8fb18_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:21654d3ae2805214b7972948bd18eb13fcdedbe7d0e7700c31e4e70df8e8fb18_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:52c9edc1fbcf08202c53ef031afa5cfaf84a921d9400f2b0cd6a52ff95be4258_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:52c9edc1fbcf08202c53ef031afa5cfaf84a921d9400f2b0cd6a52ff95be4258_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:52c9edc1fbcf08202c53ef031afa5cfaf84a921d9400f2b0cd6a52ff95be4258_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:a6cc4bec652f78b4e4af1a3f3a4d598037ff160525d44f8c365b296d5dcca163_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:a6cc4bec652f78b4e4af1a3f3a4d598037ff160525d44f8c365b296d5dcca163_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:a6cc4bec652f78b4e4af1a3f3a4d598037ff160525d44f8c365b296d5dcca163_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:b530551aa7b4c0ea3d52ea7dbb396ab333ca955e26366d72d0c7f807cecf697d_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:b530551aa7b4c0ea3d52ea7dbb396ab333ca955e26366d72d0c7f807cecf697d_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:b530551aa7b4c0ea3d52ea7dbb396ab333ca955e26366d72d0c7f807cecf697d_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:1439553e1abf56115e66b3a1184ccde547bf7b7a94e908db77efabbd310bdb5d_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:1439553e1abf56115e66b3a1184ccde547bf7b7a94e908db77efabbd310bdb5d_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:1439553e1abf56115e66b3a1184ccde547bf7b7a94e908db77efabbd310bdb5d_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:2bee7d13eca0139913259bf33107eb595fd8c8e6e2cb4f1b279c9679c62689bf_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:2bee7d13eca0139913259bf33107eb595fd8c8e6e2cb4f1b279c9679c62689bf_arm64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:2bee7d13eca0139913259bf33107eb595fd8c8e6e2cb4f1b279c9679c62689bf_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:e1d5ccd9faf1b9c39d686973387d690b91d3ca8177011b7886192ec273311057_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e1d5ccd9faf1b9c39d686973387d690b91d3ca8177011b7886192ec273311057_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:e1d5ccd9faf1b9c39d686973387d690b91d3ca8177011b7886192ec273311057_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:f3e507281e863f20d31a12c743b01b9764a3d33d629783067840f906d72b1103_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f3e507281e863f20d31a12c743b01b9764a3d33d629783067840f906d72b1103_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:f3e507281e863f20d31a12c743b01b9764a3d33d629783067840f906d72b1103_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:0d4b324a4726c9a495c8f3f6334b101a8630d5643e2a24ecf1f9976beeb987aa_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:0d4b324a4726c9a495c8f3f6334b101a8630d5643e2a24ecf1f9976beeb987aa_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:0d4b324a4726c9a495c8f3f6334b101a8630d5643e2a24ecf1f9976beeb987aa_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:66cd147e89ba7287512118d4a7fa001d3d1bb5817ba86977cb732fab449de53f_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:66cd147e89ba7287512118d4a7fa001d3d1bb5817ba86977cb732fab449de53f_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:66cd147e89ba7287512118d4a7fa001d3d1bb5817ba86977cb732fab449de53f_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c32bca1304d02c125fb7cc0442e6582cdd0e2bbf86a2c74c166265ea186508a8_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:c32bca1304d02c125fb7cc0442e6582cdd0e2bbf86a2c74c166265ea186508a8_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c32bca1304d02c125fb7cc0442e6582cdd0e2bbf86a2c74c166265ea186508a8_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d34eef63fa54e8de1d9d5bbf94ce8e876909337b1430537090c48dc4c6196d58_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:d34eef63fa54e8de1d9d5bbf94ce8e876909337b1430537090c48dc4c6196d58_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d34eef63fa54e8de1d9d5bbf94ce8e876909337b1430537090c48dc4c6196d58_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:22822ecca302baaff118b6f10e55044d0cf5140ceace7881f6985da1f407898c_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:22822ecca302baaff118b6f10e55044d0cf5140ceace7881f6985da1f407898c_arm64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:22822ecca302baaff118b6f10e55044d0cf5140ceace7881f6985da1f407898c_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7098187caace8bbc42fdbbbf4ec34872a0a3d113e82e808b4a0d74103bc76439_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:7098187caace8bbc42fdbbbf4ec34872a0a3d113e82e808b4a0d74103bc76439_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:7098187caace8bbc42fdbbbf4ec34872a0a3d113e82e808b4a0d74103bc76439_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:c75535b311bcbee9253369cb0f86277af3d7e929913b1cf53536bfec5d6b771d_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:c75535b311bcbee9253369cb0f86277af3d7e929913b1cf53536bfec5d6b771d_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:c75535b311bcbee9253369cb0f86277af3d7e929913b1cf53536bfec5d6b771d_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:f8021819435b40b8187238ecbddfbfa4b9d9e06269e1b52362dec424dcd5cea1_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f8021819435b40b8187238ecbddfbfa4b9d9e06269e1b52362dec424dcd5cea1_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:f8021819435b40b8187238ecbddfbfa4b9d9e06269e1b52362dec424dcd5cea1_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:371692f70ccc31947a29a32d17a865e142c17dbc89b0fb83cc54beb488fa566a_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:371692f70ccc31947a29a32d17a865e142c17dbc89b0fb83cc54beb488fa566a_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:371692f70ccc31947a29a32d17a865e142c17dbc89b0fb83cc54beb488fa566a_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:7829acc341ae10b835888a680c203b1057347527f46f101cc0c1cca3617c57c7_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:7829acc341ae10b835888a680c203b1057347527f46f101cc0c1cca3617c57c7_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:7829acc341ae10b835888a680c203b1057347527f46f101cc0c1cca3617c57c7_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:a242ba080079d36da742db65dc80a72d0209a4c403c05bd35fdb3fae830a5f32_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a242ba080079d36da742db65dc80a72d0209a4c403c05bd35fdb3fae830a5f32_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:a242ba080079d36da742db65dc80a72d0209a4c403c05bd35fdb3fae830a5f32_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:ba73a21803df6f0516658bd30dd24e9ec4a948ccb955d36cb38365bbc112e4bc_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:ba73a21803df6f0516658bd30dd24e9ec4a948ccb955d36cb38365bbc112e4bc_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:ba73a21803df6f0516658bd30dd24e9ec4a948ccb955d36cb38365bbc112e4bc_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:492a612f8d74cd4843e540e6778d256ab7a696bca923989c7241f20f18e68327_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:492a612f8d74cd4843e540e6778d256ab7a696bca923989c7241f20f18e68327_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:492a612f8d74cd4843e540e6778d256ab7a696bca923989c7241f20f18e68327_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:741c99f5624d8928ce46acab54dde7eb61451813fbed26bd5509bb1e66b22091_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:741c99f5624d8928ce46acab54dde7eb61451813fbed26bd5509bb1e66b22091_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:741c99f5624d8928ce46acab54dde7eb61451813fbed26bd5509bb1e66b22091_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:8d15598e7c617bac67d0027749c3d1fa930e5b0c328c2595db45e236296376ba_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:8d15598e7c617bac67d0027749c3d1fa930e5b0c328c2595db45e236296376ba_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:8d15598e7c617bac67d0027749c3d1fa930e5b0c328c2595db45e236296376ba_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:e50274625e0bf0e1eafb2053604951460842d416a71ea1185a457a98acaa9457_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:e50274625e0bf0e1eafb2053604951460842d416a71ea1185a457a98acaa9457_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:e50274625e0bf0e1eafb2053604951460842d416a71ea1185a457a98acaa9457_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:dfeb444503ad0b421cd951f9f66eba001e3b1ac8a01060c2cb5c04be5c5e0290_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:dfeb444503ad0b421cd951f9f66eba001e3b1ac8a01060c2cb5c04be5c5e0290_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:dfeb444503ad0b421cd951f9f66eba001e3b1ac8a01060c2cb5c04be5c5e0290_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:4417fd2330dfd900f650ecd3521a6e0bee06ae0ac76cb9d7016608bd9fb9ff23_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:4417fd2330dfd900f650ecd3521a6e0bee06ae0ac76cb9d7016608bd9fb9ff23_arm64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:4417fd2330dfd900f650ecd3521a6e0bee06ae0ac76cb9d7016608bd9fb9ff23_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:9cde0eade0281c238cf8d9741f482ab65ef2e73394369f7bd5e9247989698ede_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:9cde0eade0281c238cf8d9741f482ab65ef2e73394369f7bd5e9247989698ede_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:9cde0eade0281c238cf8d9741f482ab65ef2e73394369f7bd5e9247989698ede_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:e7867bb0ccdb9a4010d54b0c70530ac6c0419f59e6d259ad58c8d2399a366488_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e7867bb0ccdb9a4010d54b0c70530ac6c0419f59e6d259ad58c8d2399a366488_amd64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:e7867bb0ccdb9a4010d54b0c70530ac6c0419f59e6d259ad58c8d2399a366488_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:ec15e5b8266d016bc5843d3df51c8c539153dccd4225a369ee203e16e47cc276_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ec15e5b8266d016bc5843d3df51c8c539153dccd4225a369ee203e16e47cc276_s390x"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:ec15e5b8266d016bc5843d3df51c8c539153dccd4225a369ee203e16e47cc276_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:34a2ce3aec49a14f2311223d65ea002606384c3336e2403c8234d4ff1196e9e1_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:34a2ce3aec49a14f2311223d65ea002606384c3336e2403c8234d4ff1196e9e1_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:34a2ce3aec49a14f2311223d65ea002606384c3336e2403c8234d4ff1196e9e1_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:78813f44da05bcd9326f038b868aa8545e96a58a5d7a53a5cf9852ce410ef981_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:78813f44da05bcd9326f038b868aa8545e96a58a5d7a53a5cf9852ce410ef981_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:78813f44da05bcd9326f038b868aa8545e96a58a5d7a53a5cf9852ce410ef981_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:8ce58b5d08047ef3ea19c2a05dc19d818dd86d05f100b34f23eac2a25c9f2572_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:8ce58b5d08047ef3ea19c2a05dc19d818dd86d05f100b34f23eac2a25c9f2572_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:8ce58b5d08047ef3ea19c2a05dc19d818dd86d05f100b34f23eac2a25c9f2572_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:a1bdf15d3ee379f7addd6bc8edd1f77fa8cf55f6a64034331ab8f901026c8a8f_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a1bdf15d3ee379f7addd6bc8edd1f77fa8cf55f6a64034331ab8f901026c8a8f_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:a1bdf15d3ee379f7addd6bc8edd1f77fa8cf55f6a64034331ab8f901026c8a8f_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:376d2b1d7202a3fd04669ec138917a3fe37590a36bc78dcf3398fd997d6d610a_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:376d2b1d7202a3fd04669ec138917a3fe37590a36bc78dcf3398fd997d6d610a_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:376d2b1d7202a3fd04669ec138917a3fe37590a36bc78dcf3398fd997d6d610a_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:a0d73b892a19d6ece140fe2469b7c02d92a49d6dbabcbe22deae602a60c34ff8_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:a0d73b892a19d6ece140fe2469b7c02d92a49d6dbabcbe22deae602a60c34ff8_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:a0d73b892a19d6ece140fe2469b7c02d92a49d6dbabcbe22deae602a60c34ff8_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:b587aa9eaf4f41f61bd010d1def0f5254379a93f71705e9d46269f4dfa3375fd_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b587aa9eaf4f41f61bd010d1def0f5254379a93f71705e9d46269f4dfa3375fd_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:b587aa9eaf4f41f61bd010d1def0f5254379a93f71705e9d46269f4dfa3375fd_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:e7ae951caf6df4cbf86c22efab1114e18ea4fca6c44a6f2b98f209688eb3c85e_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e7ae951caf6df4cbf86c22efab1114e18ea4fca6c44a6f2b98f209688eb3c85e_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:e7ae951caf6df4cbf86c22efab1114e18ea4fca6c44a6f2b98f209688eb3c85e_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:01b00bac7593528af137f5d8903d0a9e2aeeab9aec851d3e9894c2eedc1427d6_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:01b00bac7593528af137f5d8903d0a9e2aeeab9aec851d3e9894c2eedc1427d6_amd64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:01b00bac7593528af137f5d8903d0a9e2aeeab9aec851d3e9894c2eedc1427d6_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:91476c44682f82e16db0960fab216f5d1e506f4f9e1b71c32160e81eaf222002_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:91476c44682f82e16db0960fab216f5d1e506f4f9e1b71c32160e81eaf222002_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:91476c44682f82e16db0960fab216f5d1e506f4f9e1b71c32160e81eaf222002_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:b9de3ad2251161e7e127d39527c93a684b7e8b1e4e39ed987270628180eac113_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:b9de3ad2251161e7e127d39527c93a684b7e8b1e4e39ed987270628180eac113_arm64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:b9de3ad2251161e7e127d39527c93a684b7e8b1e4e39ed987270628180eac113_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:cf252ac88ea891642e1dd6377fa7e312a5a652c4bdf8829700b18fd8b1ef37c5_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:cf252ac88ea891642e1dd6377fa7e312a5a652c4bdf8829700b18fd8b1ef37c5_s390x"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:cf252ac88ea891642e1dd6377fa7e312a5a652c4bdf8829700b18fd8b1ef37c5_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:1ac77ae26db0a0a62541ea3997d43d06b6b77cba6b3cbb62630723d731c088c1_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:187ac933f9ec7661a44a7170f57af98e3f603cff7104ec1aa4f9d64ca38f4565_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:26a2c965d80a687efe8abf20098574eced63d33b113426bbf02676a91cdaec81_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:771510bc988b79286869d5f501e7361191c0199650dd2875a967580b526db3aa_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c0ab5ca070538ba1c929ae859394d469365d880ada0406c58aba47cd570b166b_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:d1882ce4aceb2915b624f244b43fcf27f310a6627b255e7a39d76cd8bcb4fbbb_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:00ffe6bcfecf07a92b3b22c1f4ae4bd081f58d60bd287e30bfbaff9db4e08e2d_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:16d87d17f2ccf3037a159c4a1edf6d0e0b9af5adc8da9b4f2081f5b34c8d8928_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:35e0f2f958eca2c6c65a400311aaedc892c50b308e19b444b81a5c34152cee1e_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:71e60f43eab5c3fca8122a52147454cdeea5ba09e4c5b93266e5c3732f377126_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:3284a445ea1ee777dd791ce9ade976d0979bebc7d2ef1b8ee12d7e2a8975beb6_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34b8995031ebf6931fc37bdb64e4ce4216d1d2a3acb810c8541c6d9b65eb0b12_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f61bed36d93956fd0b3df02c59a6c1d33dab7ec1334bd87d5b269d2abca3b326_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:ff38f506b00322fcd78007ce2513f0c3600d4d4169764c871f43969e034d3c69_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:21861eedf299ea5f07d11d99f9b99802c10ea6a3931af7eba877ba1785d8974f_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:627aba20bdc63c6bd13283f8344287b0a92368278420979ad751afb20863c073_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:ac0d3928b83b4cfcbd49f1ea3f2347be12bf36ac7a7da23bde1104a53191ef8e_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:b2d4561100b8cd912b6b2a2b3a3ca377292dccddfa7b062c23af0eef8299b99b_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:5c2bdd7799a419af2f06c6ade1ee9ea60294c7cad77d9163de893217b64dc1a5_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:7a4366860941e811490e2e6a649dd313ead6ca69d0b08861f939f757d6504fae_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:86c2b052511d23f1dcff7c4c1b5d72248f5636faa3baf621f6b39eae658c6bd0_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fe28b07cef0691d423ad05f9142300203c685bc641530f786173a81593824926_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:21654d3ae2805214b7972948bd18eb13fcdedbe7d0e7700c31e4e70df8e8fb18_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:52c9edc1fbcf08202c53ef031afa5cfaf84a921d9400f2b0cd6a52ff95be4258_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:a6cc4bec652f78b4e4af1a3f3a4d598037ff160525d44f8c365b296d5dcca163_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:b530551aa7b4c0ea3d52ea7dbb396ab333ca955e26366d72d0c7f807cecf697d_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:1439553e1abf56115e66b3a1184ccde547bf7b7a94e908db77efabbd310bdb5d_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:2bee7d13eca0139913259bf33107eb595fd8c8e6e2cb4f1b279c9679c62689bf_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e1d5ccd9faf1b9c39d686973387d690b91d3ca8177011b7886192ec273311057_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f3e507281e863f20d31a12c743b01b9764a3d33d629783067840f906d72b1103_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:0d4b324a4726c9a495c8f3f6334b101a8630d5643e2a24ecf1f9976beeb987aa_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:66cd147e89ba7287512118d4a7fa001d3d1bb5817ba86977cb732fab449de53f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:c32bca1304d02c125fb7cc0442e6582cdd0e2bbf86a2c74c166265ea186508a8_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:d34eef63fa54e8de1d9d5bbf94ce8e876909337b1430537090c48dc4c6196d58_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:22822ecca302baaff118b6f10e55044d0cf5140ceace7881f6985da1f407898c_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:7098187caace8bbc42fdbbbf4ec34872a0a3d113e82e808b4a0d74103bc76439_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:c75535b311bcbee9253369cb0f86277af3d7e929913b1cf53536bfec5d6b771d_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f8021819435b40b8187238ecbddfbfa4b9d9e06269e1b52362dec424dcd5cea1_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:371692f70ccc31947a29a32d17a865e142c17dbc89b0fb83cc54beb488fa566a_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:7829acc341ae10b835888a680c203b1057347527f46f101cc0c1cca3617c57c7_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a242ba080079d36da742db65dc80a72d0209a4c403c05bd35fdb3fae830a5f32_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:ba73a21803df6f0516658bd30dd24e9ec4a948ccb955d36cb38365bbc112e4bc_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:492a612f8d74cd4843e540e6778d256ab7a696bca923989c7241f20f18e68327_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:741c99f5624d8928ce46acab54dde7eb61451813fbed26bd5509bb1e66b22091_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:8d15598e7c617bac67d0027749c3d1fa930e5b0c328c2595db45e236296376ba_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:e50274625e0bf0e1eafb2053604951460842d416a71ea1185a457a98acaa9457_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:dfeb444503ad0b421cd951f9f66eba001e3b1ac8a01060c2cb5c04be5c5e0290_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:4417fd2330dfd900f650ecd3521a6e0bee06ae0ac76cb9d7016608bd9fb9ff23_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:9cde0eade0281c238cf8d9741f482ab65ef2e73394369f7bd5e9247989698ede_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e7867bb0ccdb9a4010d54b0c70530ac6c0419f59e6d259ad58c8d2399a366488_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ec15e5b8266d016bc5843d3df51c8c539153dccd4225a369ee203e16e47cc276_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:34a2ce3aec49a14f2311223d65ea002606384c3336e2403c8234d4ff1196e9e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:78813f44da05bcd9326f038b868aa8545e96a58a5d7a53a5cf9852ce410ef981_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:8ce58b5d08047ef3ea19c2a05dc19d818dd86d05f100b34f23eac2a25c9f2572_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a1bdf15d3ee379f7addd6bc8edd1f77fa8cf55f6a64034331ab8f901026c8a8f_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:376d2b1d7202a3fd04669ec138917a3fe37590a36bc78dcf3398fd997d6d610a_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:a0d73b892a19d6ece140fe2469b7c02d92a49d6dbabcbe22deae602a60c34ff8_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b587aa9eaf4f41f61bd010d1def0f5254379a93f71705e9d46269f4dfa3375fd_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e7ae951caf6df4cbf86c22efab1114e18ea4fca6c44a6f2b98f209688eb3c85e_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:01b00bac7593528af137f5d8903d0a9e2aeeab9aec851d3e9894c2eedc1427d6_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:91476c44682f82e16db0960fab216f5d1e506f4f9e1b71c32160e81eaf222002_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:b9de3ad2251161e7e127d39527c93a684b7e8b1e4e39ed987270628180eac113_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:cf252ac88ea891642e1dd6377fa7e312a5a652c4bdf8829700b18fd8b1ef37c5_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-23T06:49:37+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.6, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:1ac77ae26db0a0a62541ea3997d43d06b6b77cba6b3cbb62630723d731c088c1_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:187ac933f9ec7661a44a7170f57af98e3f603cff7104ec1aa4f9d64ca38f4565_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:26a2c965d80a687efe8abf20098574eced63d33b113426bbf02676a91cdaec81_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:771510bc988b79286869d5f501e7361191c0199650dd2875a967580b526db3aa_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c0ab5ca070538ba1c929ae859394d469365d880ada0406c58aba47cd570b166b_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:d1882ce4aceb2915b624f244b43fcf27f310a6627b255e7a39d76cd8bcb4fbbb_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:00ffe6bcfecf07a92b3b22c1f4ae4bd081f58d60bd287e30bfbaff9db4e08e2d_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:16d87d17f2ccf3037a159c4a1edf6d0e0b9af5adc8da9b4f2081f5b34c8d8928_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:35e0f2f958eca2c6c65a400311aaedc892c50b308e19b444b81a5c34152cee1e_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:71e60f43eab5c3fca8122a52147454cdeea5ba09e4c5b93266e5c3732f377126_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:3284a445ea1ee777dd791ce9ade976d0979bebc7d2ef1b8ee12d7e2a8975beb6_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34b8995031ebf6931fc37bdb64e4ce4216d1d2a3acb810c8541c6d9b65eb0b12_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f61bed36d93956fd0b3df02c59a6c1d33dab7ec1334bd87d5b269d2abca3b326_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:ff38f506b00322fcd78007ce2513f0c3600d4d4169764c871f43969e034d3c69_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:21861eedf299ea5f07d11d99f9b99802c10ea6a3931af7eba877ba1785d8974f_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:627aba20bdc63c6bd13283f8344287b0a92368278420979ad751afb20863c073_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:ac0d3928b83b4cfcbd49f1ea3f2347be12bf36ac7a7da23bde1104a53191ef8e_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:b2d4561100b8cd912b6b2a2b3a3ca377292dccddfa7b062c23af0eef8299b99b_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:5c2bdd7799a419af2f06c6ade1ee9ea60294c7cad77d9163de893217b64dc1a5_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:7a4366860941e811490e2e6a649dd313ead6ca69d0b08861f939f757d6504fae_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:86c2b052511d23f1dcff7c4c1b5d72248f5636faa3baf621f6b39eae658c6bd0_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fe28b07cef0691d423ad05f9142300203c685bc641530f786173a81593824926_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:21654d3ae2805214b7972948bd18eb13fcdedbe7d0e7700c31e4e70df8e8fb18_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:52c9edc1fbcf08202c53ef031afa5cfaf84a921d9400f2b0cd6a52ff95be4258_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:a6cc4bec652f78b4e4af1a3f3a4d598037ff160525d44f8c365b296d5dcca163_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:b530551aa7b4c0ea3d52ea7dbb396ab333ca955e26366d72d0c7f807cecf697d_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:1439553e1abf56115e66b3a1184ccde547bf7b7a94e908db77efabbd310bdb5d_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:2bee7d13eca0139913259bf33107eb595fd8c8e6e2cb4f1b279c9679c62689bf_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e1d5ccd9faf1b9c39d686973387d690b91d3ca8177011b7886192ec273311057_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f3e507281e863f20d31a12c743b01b9764a3d33d629783067840f906d72b1103_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:0d4b324a4726c9a495c8f3f6334b101a8630d5643e2a24ecf1f9976beeb987aa_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:66cd147e89ba7287512118d4a7fa001d3d1bb5817ba86977cb732fab449de53f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:c32bca1304d02c125fb7cc0442e6582cdd0e2bbf86a2c74c166265ea186508a8_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:d34eef63fa54e8de1d9d5bbf94ce8e876909337b1430537090c48dc4c6196d58_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:22822ecca302baaff118b6f10e55044d0cf5140ceace7881f6985da1f407898c_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:7098187caace8bbc42fdbbbf4ec34872a0a3d113e82e808b4a0d74103bc76439_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:c75535b311bcbee9253369cb0f86277af3d7e929913b1cf53536bfec5d6b771d_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f8021819435b40b8187238ecbddfbfa4b9d9e06269e1b52362dec424dcd5cea1_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:371692f70ccc31947a29a32d17a865e142c17dbc89b0fb83cc54beb488fa566a_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:7829acc341ae10b835888a680c203b1057347527f46f101cc0c1cca3617c57c7_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a242ba080079d36da742db65dc80a72d0209a4c403c05bd35fdb3fae830a5f32_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:ba73a21803df6f0516658bd30dd24e9ec4a948ccb955d36cb38365bbc112e4bc_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:492a612f8d74cd4843e540e6778d256ab7a696bca923989c7241f20f18e68327_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:741c99f5624d8928ce46acab54dde7eb61451813fbed26bd5509bb1e66b22091_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:8d15598e7c617bac67d0027749c3d1fa930e5b0c328c2595db45e236296376ba_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:e50274625e0bf0e1eafb2053604951460842d416a71ea1185a457a98acaa9457_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:dfeb444503ad0b421cd951f9f66eba001e3b1ac8a01060c2cb5c04be5c5e0290_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:4417fd2330dfd900f650ecd3521a6e0bee06ae0ac76cb9d7016608bd9fb9ff23_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:9cde0eade0281c238cf8d9741f482ab65ef2e73394369f7bd5e9247989698ede_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e7867bb0ccdb9a4010d54b0c70530ac6c0419f59e6d259ad58c8d2399a366488_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ec15e5b8266d016bc5843d3df51c8c539153dccd4225a369ee203e16e47cc276_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:34a2ce3aec49a14f2311223d65ea002606384c3336e2403c8234d4ff1196e9e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:78813f44da05bcd9326f038b868aa8545e96a58a5d7a53a5cf9852ce410ef981_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:8ce58b5d08047ef3ea19c2a05dc19d818dd86d05f100b34f23eac2a25c9f2572_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a1bdf15d3ee379f7addd6bc8edd1f77fa8cf55f6a64034331ab8f901026c8a8f_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:376d2b1d7202a3fd04669ec138917a3fe37590a36bc78dcf3398fd997d6d610a_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:a0d73b892a19d6ece140fe2469b7c02d92a49d6dbabcbe22deae602a60c34ff8_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b587aa9eaf4f41f61bd010d1def0f5254379a93f71705e9d46269f4dfa3375fd_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e7ae951caf6df4cbf86c22efab1114e18ea4fca6c44a6f2b98f209688eb3c85e_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:01b00bac7593528af137f5d8903d0a9e2aeeab9aec851d3e9894c2eedc1427d6_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:91476c44682f82e16db0960fab216f5d1e506f4f9e1b71c32160e81eaf222002_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:b9de3ad2251161e7e127d39527c93a684b7e8b1e4e39ed987270628180eac113_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:cf252ac88ea891642e1dd6377fa7e312a5a652c4bdf8829700b18fd8b1ef37c5_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2929"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:1ac77ae26db0a0a62541ea3997d43d06b6b77cba6b3cbb62630723d731c088c1_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:187ac933f9ec7661a44a7170f57af98e3f603cff7104ec1aa4f9d64ca38f4565_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:26a2c965d80a687efe8abf20098574eced63d33b113426bbf02676a91cdaec81_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:771510bc988b79286869d5f501e7361191c0199650dd2875a967580b526db3aa_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c0ab5ca070538ba1c929ae859394d469365d880ada0406c58aba47cd570b166b_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:d1882ce4aceb2915b624f244b43fcf27f310a6627b255e7a39d76cd8bcb4fbbb_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:00ffe6bcfecf07a92b3b22c1f4ae4bd081f58d60bd287e30bfbaff9db4e08e2d_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:16d87d17f2ccf3037a159c4a1edf6d0e0b9af5adc8da9b4f2081f5b34c8d8928_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:35e0f2f958eca2c6c65a400311aaedc892c50b308e19b444b81a5c34152cee1e_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:71e60f43eab5c3fca8122a52147454cdeea5ba09e4c5b93266e5c3732f377126_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:3284a445ea1ee777dd791ce9ade976d0979bebc7d2ef1b8ee12d7e2a8975beb6_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34b8995031ebf6931fc37bdb64e4ce4216d1d2a3acb810c8541c6d9b65eb0b12_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f61bed36d93956fd0b3df02c59a6c1d33dab7ec1334bd87d5b269d2abca3b326_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:ff38f506b00322fcd78007ce2513f0c3600d4d4169764c871f43969e034d3c69_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:21861eedf299ea5f07d11d99f9b99802c10ea6a3931af7eba877ba1785d8974f_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:627aba20bdc63c6bd13283f8344287b0a92368278420979ad751afb20863c073_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:ac0d3928b83b4cfcbd49f1ea3f2347be12bf36ac7a7da23bde1104a53191ef8e_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:b2d4561100b8cd912b6b2a2b3a3ca377292dccddfa7b062c23af0eef8299b99b_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:5c2bdd7799a419af2f06c6ade1ee9ea60294c7cad77d9163de893217b64dc1a5_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:7a4366860941e811490e2e6a649dd313ead6ca69d0b08861f939f757d6504fae_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:86c2b052511d23f1dcff7c4c1b5d72248f5636faa3baf621f6b39eae658c6bd0_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fe28b07cef0691d423ad05f9142300203c685bc641530f786173a81593824926_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:21654d3ae2805214b7972948bd18eb13fcdedbe7d0e7700c31e4e70df8e8fb18_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:52c9edc1fbcf08202c53ef031afa5cfaf84a921d9400f2b0cd6a52ff95be4258_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:a6cc4bec652f78b4e4af1a3f3a4d598037ff160525d44f8c365b296d5dcca163_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:b530551aa7b4c0ea3d52ea7dbb396ab333ca955e26366d72d0c7f807cecf697d_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:1439553e1abf56115e66b3a1184ccde547bf7b7a94e908db77efabbd310bdb5d_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:2bee7d13eca0139913259bf33107eb595fd8c8e6e2cb4f1b279c9679c62689bf_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e1d5ccd9faf1b9c39d686973387d690b91d3ca8177011b7886192ec273311057_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f3e507281e863f20d31a12c743b01b9764a3d33d629783067840f906d72b1103_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:0d4b324a4726c9a495c8f3f6334b101a8630d5643e2a24ecf1f9976beeb987aa_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:66cd147e89ba7287512118d4a7fa001d3d1bb5817ba86977cb732fab449de53f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:c32bca1304d02c125fb7cc0442e6582cdd0e2bbf86a2c74c166265ea186508a8_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:d34eef63fa54e8de1d9d5bbf94ce8e876909337b1430537090c48dc4c6196d58_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:22822ecca302baaff118b6f10e55044d0cf5140ceace7881f6985da1f407898c_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:7098187caace8bbc42fdbbbf4ec34872a0a3d113e82e808b4a0d74103bc76439_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:c75535b311bcbee9253369cb0f86277af3d7e929913b1cf53536bfec5d6b771d_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f8021819435b40b8187238ecbddfbfa4b9d9e06269e1b52362dec424dcd5cea1_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:371692f70ccc31947a29a32d17a865e142c17dbc89b0fb83cc54beb488fa566a_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:7829acc341ae10b835888a680c203b1057347527f46f101cc0c1cca3617c57c7_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a242ba080079d36da742db65dc80a72d0209a4c403c05bd35fdb3fae830a5f32_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:ba73a21803df6f0516658bd30dd24e9ec4a948ccb955d36cb38365bbc112e4bc_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:492a612f8d74cd4843e540e6778d256ab7a696bca923989c7241f20f18e68327_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:741c99f5624d8928ce46acab54dde7eb61451813fbed26bd5509bb1e66b22091_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:8d15598e7c617bac67d0027749c3d1fa930e5b0c328c2595db45e236296376ba_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:e50274625e0bf0e1eafb2053604951460842d416a71ea1185a457a98acaa9457_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:dfeb444503ad0b421cd951f9f66eba001e3b1ac8a01060c2cb5c04be5c5e0290_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:4417fd2330dfd900f650ecd3521a6e0bee06ae0ac76cb9d7016608bd9fb9ff23_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:9cde0eade0281c238cf8d9741f482ab65ef2e73394369f7bd5e9247989698ede_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e7867bb0ccdb9a4010d54b0c70530ac6c0419f59e6d259ad58c8d2399a366488_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ec15e5b8266d016bc5843d3df51c8c539153dccd4225a369ee203e16e47cc276_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:34a2ce3aec49a14f2311223d65ea002606384c3336e2403c8234d4ff1196e9e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:78813f44da05bcd9326f038b868aa8545e96a58a5d7a53a5cf9852ce410ef981_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:8ce58b5d08047ef3ea19c2a05dc19d818dd86d05f100b34f23eac2a25c9f2572_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a1bdf15d3ee379f7addd6bc8edd1f77fa8cf55f6a64034331ab8f901026c8a8f_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:376d2b1d7202a3fd04669ec138917a3fe37590a36bc78dcf3398fd997d6d610a_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:a0d73b892a19d6ece140fe2469b7c02d92a49d6dbabcbe22deae602a60c34ff8_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b587aa9eaf4f41f61bd010d1def0f5254379a93f71705e9d46269f4dfa3375fd_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e7ae951caf6df4cbf86c22efab1114e18ea4fca6c44a6f2b98f209688eb3c85e_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:01b00bac7593528af137f5d8903d0a9e2aeeab9aec851d3e9894c2eedc1427d6_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:91476c44682f82e16db0960fab216f5d1e506f4f9e1b71c32160e81eaf222002_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:b9de3ad2251161e7e127d39527c93a684b7e8b1e4e39ed987270628180eac113_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:cf252ac88ea891642e1dd6377fa7e312a5a652c4bdf8829700b18fd8b1ef37c5_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:1ac77ae26db0a0a62541ea3997d43d06b6b77cba6b3cbb62630723d731c088c1_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:187ac933f9ec7661a44a7170f57af98e3f603cff7104ec1aa4f9d64ca38f4565_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:26a2c965d80a687efe8abf20098574eced63d33b113426bbf02676a91cdaec81_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:771510bc988b79286869d5f501e7361191c0199650dd2875a967580b526db3aa_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c0ab5ca070538ba1c929ae859394d469365d880ada0406c58aba47cd570b166b_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:d1882ce4aceb2915b624f244b43fcf27f310a6627b255e7a39d76cd8bcb4fbbb_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:00ffe6bcfecf07a92b3b22c1f4ae4bd081f58d60bd287e30bfbaff9db4e08e2d_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:16d87d17f2ccf3037a159c4a1edf6d0e0b9af5adc8da9b4f2081f5b34c8d8928_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:35e0f2f958eca2c6c65a400311aaedc892c50b308e19b444b81a5c34152cee1e_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:71e60f43eab5c3fca8122a52147454cdeea5ba09e4c5b93266e5c3732f377126_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:3284a445ea1ee777dd791ce9ade976d0979bebc7d2ef1b8ee12d7e2a8975beb6_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:34b8995031ebf6931fc37bdb64e4ce4216d1d2a3acb810c8541c6d9b65eb0b12_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f61bed36d93956fd0b3df02c59a6c1d33dab7ec1334bd87d5b269d2abca3b326_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:ff38f506b00322fcd78007ce2513f0c3600d4d4169764c871f43969e034d3c69_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:21861eedf299ea5f07d11d99f9b99802c10ea6a3931af7eba877ba1785d8974f_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:627aba20bdc63c6bd13283f8344287b0a92368278420979ad751afb20863c073_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:ac0d3928b83b4cfcbd49f1ea3f2347be12bf36ac7a7da23bde1104a53191ef8e_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:b2d4561100b8cd912b6b2a2b3a3ca377292dccddfa7b062c23af0eef8299b99b_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:5c2bdd7799a419af2f06c6ade1ee9ea60294c7cad77d9163de893217b64dc1a5_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:7a4366860941e811490e2e6a649dd313ead6ca69d0b08861f939f757d6504fae_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:86c2b052511d23f1dcff7c4c1b5d72248f5636faa3baf621f6b39eae658c6bd0_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:fe28b07cef0691d423ad05f9142300203c685bc641530f786173a81593824926_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:21654d3ae2805214b7972948bd18eb13fcdedbe7d0e7700c31e4e70df8e8fb18_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:52c9edc1fbcf08202c53ef031afa5cfaf84a921d9400f2b0cd6a52ff95be4258_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:a6cc4bec652f78b4e4af1a3f3a4d598037ff160525d44f8c365b296d5dcca163_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:b530551aa7b4c0ea3d52ea7dbb396ab333ca955e26366d72d0c7f807cecf697d_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:1439553e1abf56115e66b3a1184ccde547bf7b7a94e908db77efabbd310bdb5d_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:2bee7d13eca0139913259bf33107eb595fd8c8e6e2cb4f1b279c9679c62689bf_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e1d5ccd9faf1b9c39d686973387d690b91d3ca8177011b7886192ec273311057_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f3e507281e863f20d31a12c743b01b9764a3d33d629783067840f906d72b1103_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:0d4b324a4726c9a495c8f3f6334b101a8630d5643e2a24ecf1f9976beeb987aa_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:66cd147e89ba7287512118d4a7fa001d3d1bb5817ba86977cb732fab449de53f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:c32bca1304d02c125fb7cc0442e6582cdd0e2bbf86a2c74c166265ea186508a8_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:d34eef63fa54e8de1d9d5bbf94ce8e876909337b1430537090c48dc4c6196d58_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:22822ecca302baaff118b6f10e55044d0cf5140ceace7881f6985da1f407898c_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:7098187caace8bbc42fdbbbf4ec34872a0a3d113e82e808b4a0d74103bc76439_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:c75535b311bcbee9253369cb0f86277af3d7e929913b1cf53536bfec5d6b771d_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f8021819435b40b8187238ecbddfbfa4b9d9e06269e1b52362dec424dcd5cea1_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:371692f70ccc31947a29a32d17a865e142c17dbc89b0fb83cc54beb488fa566a_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:7829acc341ae10b835888a680c203b1057347527f46f101cc0c1cca3617c57c7_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a242ba080079d36da742db65dc80a72d0209a4c403c05bd35fdb3fae830a5f32_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:ba73a21803df6f0516658bd30dd24e9ec4a948ccb955d36cb38365bbc112e4bc_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:492a612f8d74cd4843e540e6778d256ab7a696bca923989c7241f20f18e68327_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:741c99f5624d8928ce46acab54dde7eb61451813fbed26bd5509bb1e66b22091_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:8d15598e7c617bac67d0027749c3d1fa930e5b0c328c2595db45e236296376ba_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:e50274625e0bf0e1eafb2053604951460842d416a71ea1185a457a98acaa9457_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:dfeb444503ad0b421cd951f9f66eba001e3b1ac8a01060c2cb5c04be5c5e0290_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:4417fd2330dfd900f650ecd3521a6e0bee06ae0ac76cb9d7016608bd9fb9ff23_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:9cde0eade0281c238cf8d9741f482ab65ef2e73394369f7bd5e9247989698ede_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e7867bb0ccdb9a4010d54b0c70530ac6c0419f59e6d259ad58c8d2399a366488_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ec15e5b8266d016bc5843d3df51c8c539153dccd4225a369ee203e16e47cc276_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:34a2ce3aec49a14f2311223d65ea002606384c3336e2403c8234d4ff1196e9e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:78813f44da05bcd9326f038b868aa8545e96a58a5d7a53a5cf9852ce410ef981_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:8ce58b5d08047ef3ea19c2a05dc19d818dd86d05f100b34f23eac2a25c9f2572_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:a1bdf15d3ee379f7addd6bc8edd1f77fa8cf55f6a64034331ab8f901026c8a8f_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:376d2b1d7202a3fd04669ec138917a3fe37590a36bc78dcf3398fd997d6d610a_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:a0d73b892a19d6ece140fe2469b7c02d92a49d6dbabcbe22deae602a60c34ff8_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:b587aa9eaf4f41f61bd010d1def0f5254379a93f71705e9d46269f4dfa3375fd_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e7ae951caf6df4cbf86c22efab1114e18ea4fca6c44a6f2b98f209688eb3c85e_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:01b00bac7593528af137f5d8903d0a9e2aeeab9aec851d3e9894c2eedc1427d6_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:91476c44682f82e16db0960fab216f5d1e506f4f9e1b71c32160e81eaf222002_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:b9de3ad2251161e7e127d39527c93a684b7e8b1e4e39ed987270628180eac113_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:cf252ac88ea891642e1dd6377fa7e312a5a652c4bdf8829700b18fd8b1ef37c5_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
}
]
}
RHSA-2024:2930
Vulnerability from csaf_redhat - Published: 2024-05-23 07:14 - Updated: 2026-06-02 15:09Summary
Red Hat Security Advisory: logging for Red Hat OpenShift security update
Severity
Important
Notes
Topic: An update is now available for RHOL-5.7-RHEL-8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: TODO: add package description
Security Fix(es):
* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
63 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:6349e0dfa8a940002570e6a0d5d7b91cf9f1fc2186da823150be95c55e7eec64_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:5484c76cad28fa452c48f67d95295583dfbc6d34db22495eccfffec051893c49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:a1aafbebeca86cf4b52600bca4c3014881c1ffca7587d2d382275a3d247d72e9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:bcf26dae2241ded8335e3236944639643ce63027a24645d2de0d013589e79876_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ed41b5450aa91a1dbb519acd184f87f96e090be3d099e88dc27a005bdc9bab15_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:a846c915cb692856eb1907726dc06c35564da1e40bbec7e1fe05b3b64327b8d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:19a6691d7a3010253bf18a00a1b58896350354494375822744d08a09e0121416_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6433a808ccc5c4c1559c183a81671b7249c3bae1bbc0f55e982ee73dbe9700e3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6934dffdc619dad6e81ae2032708d41e487b2709c14794819accdaa60aae582e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:e18ecc9b852178129fdb2a2efb40f97f6814f6980681ac82eae2eef9a317a96f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:3be80c8c50ed785eba9d289656cc87477b5a3a1bdd71fd91d048c66687ce4646_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:6f6b013bef1ddc9ec0437c0c7727bb0f8ebf9caae8ba4cf0dd6628d6c7cd768f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:8f107eed0efa34f6fa00003098457a58c1fd482286f590359a73c39ef225deb7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:e902f46cbcf188bc6e50b2351cc20465a7a238e1521568261a50f8cd33108752_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:1c6c3634aae0f7a47fba4f1a06530e742a0042896291579642a605b53105c019_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:3b42c3d5afc01b5e025f4694454c34c4577e7902d2004620e1d97940b9fa13ab_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:c0fc4eb8c0283e8cc9b08a1fe1cc49bd498d28d1233affaaf02b338de1cee5e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:e2839a1a45aba4a367003abc7bc4e15531d6f278de1779f4c063ab6a002e960a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:1194cc3737cb2317e3f4b9760d2ac2aac1c804d4f5719a3513535acdddacc929_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:20eb0257f8ca0dce4e5d979a579b2d868c7b5313a661b2ab9dfb3c6f97bd0d69_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:492d612cc28ad4158d2fb071704ada6d667d939000ff4af20ab9ed3dc1c4a53d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:ec95c7ff9c5a13a3cf11e89aff97d792f63cf89fb654f063aa662d134a335ee8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:4dbb10ac48ebedcd08e4d93d7958876d7c489b3c0764a703979c4cc16b2faef5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:95cd644aef3ed635fab4a04e8dd9e63a79812e2671a706dcecfcfb462fa9f287_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:bdb22f54ed17a76cb18e86f0a66ce6a5d1e12996b1c730c188096a78587bc220_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:fa5bba068d4ebf7624ad20c72af47a984e460bdbfafa90c83b7b78a9113354e2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c92d7b58be4a5dd715101723b187cf930e7b86ffa6e7a7b3119b7512c0f68639_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:eb058d7d6145d35624567de74ed139aff8186062a0496663d45b1d6f9b2ae68c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:ec811d44ffc9fb926808773bdb33789411c07d46809c7318bdb9568575204fc7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fa617e29c09c782bc28c3a7d908be7809537e10fb46beb3fa74b391b90a86efb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:1ddec93f26b66624a8ffc6d6af6141f71df2bd0661f3038d327c787d1b61edd1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:4c0406ba6d9fca3d6d95b9c8f2b9a3c5d4a1c84727800fe0d45bc412d31dd28d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:6485741ec168a35fae0467dd8e23a74f143cadfd5faa298749bdced24eb7ce3c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:dbeff8644fe3cfe045e9658eae6d697fe2ddb979ccf06952fc955ebe1aa0aa3e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:494df23374cd1164ad802e252228112874083613f616a9beefa0737dd85d00f8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:75e342825c86def4e8bd85f19377e2f79931acfa5420fe1bb7af64011560db3d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:7ff67be12dd4c12b90788655f8269216d60d2008481e34e5213798d99b73f085_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:dcaf9ccda446a2b6ba0f31eea480c496011a3a2c5751dab7ecd4826c4fe1e897_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:293d0312079920e56e13c867dfc0f7d296c83db41af840eb01013d6a992afa24_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:909e4ffde6fe17c9449e8838805ec37e749a7a3bc1794e76df5a1214264f662f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d9a90877a5db128fb17576b608a7ee73271939458e2f499629ce5ea43f387964_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f5f7a3f069eb73b92aeaff8b8a6ad55459eb526928491abb0589b28017fbe705_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:1493fa1da9844aec3b3cb7506d40cc457aeef5204b5441cae47dbdb6a9ab249b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:c4eb628e9e1b3ee30676098151cb7a4f9b05c25e464555899becf6361c04ab97_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ee3d28b620b03e7b2e2e8e87554942515d6022377a66aa0a2d986349dd062639_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54f746094413f0e99c70e1fe31fe867c058c851f63a4512368afc2c26a94795_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:8cbc36a64caf3e7de5b297976d7029ac88d01aa94da35f0d2601442d23bcdabe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:48af23673bf8432a192fed8ab9cb9f4a633ef8f26293253c268bc46360bb835e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:7a6a51ce23fb6e602c3ae8ceafa1c936fbedfbed49cca867c7e1577b444ec3b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:e361d6a863f360303a4fd5bf746dce961ac278a645ffb9c6ec87f9a58070f923_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:f2e57a021477b3884aa2ba88b3052ba8b14a50898659faaee1b31259b6461767_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:3b623354def976e6cc8ffcc6cdefb7573c4d43340733f00236c68870ff9fb1ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:851f91c9b8fb0fc5c73c1357d41f79f8b98d0e27b440259de6c951e77ca6227a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:96e662c9dd20c2f94edcd83660b3e99ab0e0134a641d25ab3a391581f52055af_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:f34b71eb747790497c24715708011a68c050e0149c7561aad6b07315fb6d43c8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:806aaebf9ab2dc1fd654ccd6915490ab90bf1ad1bb5dd1c434e7af5d475b5ae0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:969593b2998dd62e5a823d20632225e0251814077687578370603795c6861fc2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:e8e0d825d5c55f09547af8d267486a3c33cdfb5c4733b8f85eac817cf9bf93e5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:f4bfb9910a0c3f6bd73769abea0f8b42e562560d94059a423b2498fb93a7b949_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:000cbef2e53822c62a07d9c46bcd368a3ad33b3a8a382be0ad5f6ef47fcd780e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:a4beab96eeafe47c939aef8c17bff4f20bf98ef0c4e5583c7208d07bb27b0586_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:cc9253be2cdbceaf8ec120aabc9f4fdd603f3b9ec190c24fd05e95f2863b5ea9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:f635cf3c647aeb72a6af00d97b4966dae041fe8d42722bded29c0de31181a7f0_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
12 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for RHOL-5.7-RHEL-8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "TODO: add package description\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2930",
"url": "https://access.redhat.com/errata/RHSA-2024:2930"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "LOG-5472",
"url": "https://issues.redhat.com/browse/LOG-5472"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2930.json"
}
],
"title": "Red Hat Security Advisory: logging for Red Hat OpenShift security update",
"tracking": {
"current_release_date": "2026-06-02T15:09:37+00:00",
"generator": {
"date": "2026-06-02T15:09:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:2930",
"initial_release_date": "2024-05-23T07:14:02+00:00",
"revision_history": [
{
"date": "2024-05-23T07:14:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-23T07:14:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:09:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.7 for RHEL 8",
"product": {
"name": "RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.7::el8"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5484c76cad28fa452c48f67d95295583dfbc6d34db22495eccfffec051893c49_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5484c76cad28fa452c48f67d95295583dfbc6d34db22495eccfffec051893c49_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:5484c76cad28fa452c48f67d95295583dfbc6d34db22495eccfffec051893c49_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:5484c76cad28fa452c48f67d95295583dfbc6d34db22495eccfffec051893c49?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.14-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:6349e0dfa8a940002570e6a0d5d7b91cf9f1fc2186da823150be95c55e7eec64_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:6349e0dfa8a940002570e6a0d5d7b91cf9f1fc2186da823150be95c55e7eec64_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:6349e0dfa8a940002570e6a0d5d7b91cf9f1fc2186da823150be95c55e7eec64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:6349e0dfa8a940002570e6a0d5d7b91cf9f1fc2186da823150be95c55e7eec64?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.7.14-14"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:8f107eed0efa34f6fa00003098457a58c1fd482286f590359a73c39ef225deb7_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:8f107eed0efa34f6fa00003098457a58c1fd482286f590359a73c39ef225deb7_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:8f107eed0efa34f6fa00003098457a58c1fd482286f590359a73c39ef225deb7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:8f107eed0efa34f6fa00003098457a58c1fd482286f590359a73c39ef225deb7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.14-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:a846c915cb692856eb1907726dc06c35564da1e40bbec7e1fe05b3b64327b8d4_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:a846c915cb692856eb1907726dc06c35564da1e40bbec7e1fe05b3b64327b8d4_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:a846c915cb692856eb1907726dc06c35564da1e40bbec7e1fe05b3b64327b8d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:a846c915cb692856eb1907726dc06c35564da1e40bbec7e1fe05b3b64327b8d4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.7.14-11"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e18ecc9b852178129fdb2a2efb40f97f6814f6980681ac82eae2eef9a317a96f_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e18ecc9b852178129fdb2a2efb40f97f6814f6980681ac82eae2eef9a317a96f_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e18ecc9b852178129fdb2a2efb40f97f6814f6980681ac82eae2eef9a317a96f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:e18ecc9b852178129fdb2a2efb40f97f6814f6980681ac82eae2eef9a317a96f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-485"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:6485741ec168a35fae0467dd8e23a74f143cadfd5faa298749bdced24eb7ce3c_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:6485741ec168a35fae0467dd8e23a74f143cadfd5faa298749bdced24eb7ce3c_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:6485741ec168a35fae0467dd8e23a74f143cadfd5faa298749bdced24eb7ce3c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:6485741ec168a35fae0467dd8e23a74f143cadfd5faa298749bdced24eb7ce3c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-235"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:494df23374cd1164ad802e252228112874083613f616a9beefa0737dd85d00f8_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:494df23374cd1164ad802e252228112874083613f616a9beefa0737dd85d00f8_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:494df23374cd1164ad802e252228112874083613f616a9beefa0737dd85d00f8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:494df23374cd1164ad802e252228112874083613f616a9beefa0737dd85d00f8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-477"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c0fc4eb8c0283e8cc9b08a1fe1cc49bd498d28d1233affaaf02b338de1cee5e9_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c0fc4eb8c0283e8cc9b08a1fe1cc49bd498d28d1233affaaf02b338de1cee5e9_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:c0fc4eb8c0283e8cc9b08a1fe1cc49bd498d28d1233affaaf02b338de1cee5e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:c0fc4eb8c0283e8cc9b08a1fe1cc49bd498d28d1233affaaf02b338de1cee5e9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-413"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:ec95c7ff9c5a13a3cf11e89aff97d792f63cf89fb654f063aa662d134a335ee8_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ec95c7ff9c5a13a3cf11e89aff97d792f63cf89fb654f063aa662d134a335ee8_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:ec95c7ff9c5a13a3cf11e89aff97d792f63cf89fb654f063aa662d134a335ee8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:ec95c7ff9c5a13a3cf11e89aff97d792f63cf89fb654f063aa662d134a335ee8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-255"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:bdb22f54ed17a76cb18e86f0a66ce6a5d1e12996b1c730c188096a78587bc220_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:bdb22f54ed17a76cb18e86f0a66ce6a5d1e12996b1c730c188096a78587bc220_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:bdb22f54ed17a76cb18e86f0a66ce6a5d1e12996b1c730c188096a78587bc220_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:bdb22f54ed17a76cb18e86f0a66ce6a5d1e12996b1c730c188096a78587bc220?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-218"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:fa617e29c09c782bc28c3a7d908be7809537e10fb46beb3fa74b391b90a86efb_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:fa617e29c09c782bc28c3a7d908be7809537e10fb46beb3fa74b391b90a86efb_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:fa617e29c09c782bc28c3a7d908be7809537e10fb46beb3fa74b391b90a86efb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:fa617e29c09c782bc28c3a7d908be7809537e10fb46beb3fa74b391b90a86efb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-434"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:293d0312079920e56e13c867dfc0f7d296c83db41af840eb01013d6a992afa24_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:293d0312079920e56e13c867dfc0f7d296c83db41af840eb01013d6a992afa24_amd64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:293d0312079920e56e13c867dfc0f7d296c83db41af840eb01013d6a992afa24_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:293d0312079920e56e13c867dfc0f7d296c83db41af840eb01013d6a992afa24?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.8-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:a4beab96eeafe47c939aef8c17bff4f20bf98ef0c4e5583c7208d07bb27b0586_amd64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:a4beab96eeafe47c939aef8c17bff4f20bf98ef0c4e5583c7208d07bb27b0586_amd64",
"product_id": "openshift-logging/vector-rhel8@sha256:a4beab96eeafe47c939aef8c17bff4f20bf98ef0c4e5583c7208d07bb27b0586_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:a4beab96eeafe47c939aef8c17bff4f20bf98ef0c4e5583c7208d07bb27b0586?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.28.1-61"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:f54f746094413f0e99c70e1fe31fe867c058c851f63a4512368afc2c26a94795_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:f54f746094413f0e99c70e1fe31fe867c058c851f63a4512368afc2c26a94795_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:f54f746094413f0e99c70e1fe31fe867c058c851f63a4512368afc2c26a94795_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:f54f746094413f0e99c70e1fe31fe867c058c851f63a4512368afc2c26a94795?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.14-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:8cbc36a64caf3e7de5b297976d7029ac88d01aa94da35f0d2601442d23bcdabe_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:8cbc36a64caf3e7de5b297976d7029ac88d01aa94da35f0d2601442d23bcdabe_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:8cbc36a64caf3e7de5b297976d7029ac88d01aa94da35f0d2601442d23bcdabe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:8cbc36a64caf3e7de5b297976d7029ac88d01aa94da35f0d2601442d23bcdabe?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.7.14-14"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:7a6a51ce23fb6e602c3ae8ceafa1c936fbedfbed49cca867c7e1577b444ec3b2_amd64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:7a6a51ce23fb6e602c3ae8ceafa1c936fbedfbed49cca867c7e1577b444ec3b2_amd64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:7a6a51ce23fb6e602c3ae8ceafa1c936fbedfbed49cca867c7e1577b444ec3b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:7a6a51ce23fb6e602c3ae8ceafa1c936fbedfbed49cca867c7e1577b444ec3b2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.14-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:3b623354def976e6cc8ffcc6cdefb7573c4d43340733f00236c68870ff9fb1ba_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:3b623354def976e6cc8ffcc6cdefb7573c4d43340733f00236c68870ff9fb1ba_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:3b623354def976e6cc8ffcc6cdefb7573c4d43340733f00236c68870ff9fb1ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:3b623354def976e6cc8ffcc6cdefb7573c4d43340733f00236c68870ff9fb1ba?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-547"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:f4bfb9910a0c3f6bd73769abea0f8b42e562560d94059a423b2498fb93a7b949_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:f4bfb9910a0c3f6bd73769abea0f8b42e562560d94059a423b2498fb93a7b949_amd64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:f4bfb9910a0c3f6bd73769abea0f8b42e562560d94059a423b2498fb93a7b949_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:f4bfb9910a0c3f6bd73769abea0f8b42e562560d94059a423b2498fb93a7b949?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-240"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:bcf26dae2241ded8335e3236944639643ce63027a24645d2de0d013589e79876_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:bcf26dae2241ded8335e3236944639643ce63027a24645d2de0d013589e79876_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:bcf26dae2241ded8335e3236944639643ce63027a24645d2de0d013589e79876_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:bcf26dae2241ded8335e3236944639643ce63027a24645d2de0d013589e79876?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.14-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:e902f46cbcf188bc6e50b2351cc20465a7a238e1521568261a50f8cd33108752_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:e902f46cbcf188bc6e50b2351cc20465a7a238e1521568261a50f8cd33108752_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:e902f46cbcf188bc6e50b2351cc20465a7a238e1521568261a50f8cd33108752_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:e902f46cbcf188bc6e50b2351cc20465a7a238e1521568261a50f8cd33108752?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.14-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6433a808ccc5c4c1559c183a81671b7249c3bae1bbc0f55e982ee73dbe9700e3_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6433a808ccc5c4c1559c183a81671b7249c3bae1bbc0f55e982ee73dbe9700e3_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6433a808ccc5c4c1559c183a81671b7249c3bae1bbc0f55e982ee73dbe9700e3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:6433a808ccc5c4c1559c183a81671b7249c3bae1bbc0f55e982ee73dbe9700e3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-485"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:dbeff8644fe3cfe045e9658eae6d697fe2ddb979ccf06952fc955ebe1aa0aa3e_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:dbeff8644fe3cfe045e9658eae6d697fe2ddb979ccf06952fc955ebe1aa0aa3e_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:dbeff8644fe3cfe045e9658eae6d697fe2ddb979ccf06952fc955ebe1aa0aa3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:dbeff8644fe3cfe045e9658eae6d697fe2ddb979ccf06952fc955ebe1aa0aa3e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-235"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:7ff67be12dd4c12b90788655f8269216d60d2008481e34e5213798d99b73f085_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7ff67be12dd4c12b90788655f8269216d60d2008481e34e5213798d99b73f085_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:7ff67be12dd4c12b90788655f8269216d60d2008481e34e5213798d99b73f085_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:7ff67be12dd4c12b90788655f8269216d60d2008481e34e5213798d99b73f085?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-477"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:e2839a1a45aba4a367003abc7bc4e15531d6f278de1779f4c063ab6a002e960a_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:e2839a1a45aba4a367003abc7bc4e15531d6f278de1779f4c063ab6a002e960a_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:e2839a1a45aba4a367003abc7bc4e15531d6f278de1779f4c063ab6a002e960a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:e2839a1a45aba4a367003abc7bc4e15531d6f278de1779f4c063ab6a002e960a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-413"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:492d612cc28ad4158d2fb071704ada6d667d939000ff4af20ab9ed3dc1c4a53d_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:492d612cc28ad4158d2fb071704ada6d667d939000ff4af20ab9ed3dc1c4a53d_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:492d612cc28ad4158d2fb071704ada6d667d939000ff4af20ab9ed3dc1c4a53d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:492d612cc28ad4158d2fb071704ada6d667d939000ff4af20ab9ed3dc1c4a53d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-255"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:95cd644aef3ed635fab4a04e8dd9e63a79812e2671a706dcecfcfb462fa9f287_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:95cd644aef3ed635fab4a04e8dd9e63a79812e2671a706dcecfcfb462fa9f287_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:95cd644aef3ed635fab4a04e8dd9e63a79812e2671a706dcecfcfb462fa9f287_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:95cd644aef3ed635fab4a04e8dd9e63a79812e2671a706dcecfcfb462fa9f287?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-218"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:ec811d44ffc9fb926808773bdb33789411c07d46809c7318bdb9568575204fc7_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:ec811d44ffc9fb926808773bdb33789411c07d46809c7318bdb9568575204fc7_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:ec811d44ffc9fb926808773bdb33789411c07d46809c7318bdb9568575204fc7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:ec811d44ffc9fb926808773bdb33789411c07d46809c7318bdb9568575204fc7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-434"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:909e4ffde6fe17c9449e8838805ec37e749a7a3bc1794e76df5a1214264f662f_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:909e4ffde6fe17c9449e8838805ec37e749a7a3bc1794e76df5a1214264f662f_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:909e4ffde6fe17c9449e8838805ec37e749a7a3bc1794e76df5a1214264f662f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:909e4ffde6fe17c9449e8838805ec37e749a7a3bc1794e76df5a1214264f662f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.8-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:cc9253be2cdbceaf8ec120aabc9f4fdd603f3b9ec190c24fd05e95f2863b5ea9_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:cc9253be2cdbceaf8ec120aabc9f4fdd603f3b9ec190c24fd05e95f2863b5ea9_ppc64le",
"product_id": "openshift-logging/vector-rhel8@sha256:cc9253be2cdbceaf8ec120aabc9f4fdd603f3b9ec190c24fd05e95f2863b5ea9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:cc9253be2cdbceaf8ec120aabc9f4fdd603f3b9ec190c24fd05e95f2863b5ea9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.28.1-61"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:c4eb628e9e1b3ee30676098151cb7a4f9b05c25e464555899becf6361c04ab97_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:c4eb628e9e1b3ee30676098151cb7a4f9b05c25e464555899becf6361c04ab97_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:c4eb628e9e1b3ee30676098151cb7a4f9b05c25e464555899becf6361c04ab97_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:c4eb628e9e1b3ee30676098151cb7a4f9b05c25e464555899becf6361c04ab97?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.14-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:f2e57a021477b3884aa2ba88b3052ba8b14a50898659faaee1b31259b6461767_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:f2e57a021477b3884aa2ba88b3052ba8b14a50898659faaee1b31259b6461767_ppc64le",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:f2e57a021477b3884aa2ba88b3052ba8b14a50898659faaee1b31259b6461767_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:f2e57a021477b3884aa2ba88b3052ba8b14a50898659faaee1b31259b6461767?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.14-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:851f91c9b8fb0fc5c73c1357d41f79f8b98d0e27b440259de6c951e77ca6227a_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:851f91c9b8fb0fc5c73c1357d41f79f8b98d0e27b440259de6c951e77ca6227a_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:851f91c9b8fb0fc5c73c1357d41f79f8b98d0e27b440259de6c951e77ca6227a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:851f91c9b8fb0fc5c73c1357d41f79f8b98d0e27b440259de6c951e77ca6227a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-547"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:969593b2998dd62e5a823d20632225e0251814077687578370603795c6861fc2_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:969593b2998dd62e5a823d20632225e0251814077687578370603795c6861fc2_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:969593b2998dd62e5a823d20632225e0251814077687578370603795c6861fc2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:969593b2998dd62e5a823d20632225e0251814077687578370603795c6861fc2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-240"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:a1aafbebeca86cf4b52600bca4c3014881c1ffca7587d2d382275a3d247d72e9_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:a1aafbebeca86cf4b52600bca4c3014881c1ffca7587d2d382275a3d247d72e9_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:a1aafbebeca86cf4b52600bca4c3014881c1ffca7587d2d382275a3d247d72e9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:a1aafbebeca86cf4b52600bca4c3014881c1ffca7587d2d382275a3d247d72e9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.14-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6f6b013bef1ddc9ec0437c0c7727bb0f8ebf9caae8ba4cf0dd6628d6c7cd768f_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6f6b013bef1ddc9ec0437c0c7727bb0f8ebf9caae8ba4cf0dd6628d6c7cd768f_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:6f6b013bef1ddc9ec0437c0c7727bb0f8ebf9caae8ba4cf0dd6628d6c7cd768f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:6f6b013bef1ddc9ec0437c0c7727bb0f8ebf9caae8ba4cf0dd6628d6c7cd768f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.14-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:19a6691d7a3010253bf18a00a1b58896350354494375822744d08a09e0121416_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:19a6691d7a3010253bf18a00a1b58896350354494375822744d08a09e0121416_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:19a6691d7a3010253bf18a00a1b58896350354494375822744d08a09e0121416_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:19a6691d7a3010253bf18a00a1b58896350354494375822744d08a09e0121416?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-485"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4c0406ba6d9fca3d6d95b9c8f2b9a3c5d4a1c84727800fe0d45bc412d31dd28d_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4c0406ba6d9fca3d6d95b9c8f2b9a3c5d4a1c84727800fe0d45bc412d31dd28d_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4c0406ba6d9fca3d6d95b9c8f2b9a3c5d4a1c84727800fe0d45bc412d31dd28d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:4c0406ba6d9fca3d6d95b9c8f2b9a3c5d4a1c84727800fe0d45bc412d31dd28d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-235"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:dcaf9ccda446a2b6ba0f31eea480c496011a3a2c5751dab7ecd4826c4fe1e897_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:dcaf9ccda446a2b6ba0f31eea480c496011a3a2c5751dab7ecd4826c4fe1e897_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:dcaf9ccda446a2b6ba0f31eea480c496011a3a2c5751dab7ecd4826c4fe1e897_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:dcaf9ccda446a2b6ba0f31eea480c496011a3a2c5751dab7ecd4826c4fe1e897?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-477"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:1c6c3634aae0f7a47fba4f1a06530e742a0042896291579642a605b53105c019_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:1c6c3634aae0f7a47fba4f1a06530e742a0042896291579642a605b53105c019_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:1c6c3634aae0f7a47fba4f1a06530e742a0042896291579642a605b53105c019_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:1c6c3634aae0f7a47fba4f1a06530e742a0042896291579642a605b53105c019?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-413"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:1194cc3737cb2317e3f4b9760d2ac2aac1c804d4f5719a3513535acdddacc929_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:1194cc3737cb2317e3f4b9760d2ac2aac1c804d4f5719a3513535acdddacc929_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:1194cc3737cb2317e3f4b9760d2ac2aac1c804d4f5719a3513535acdddacc929_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:1194cc3737cb2317e3f4b9760d2ac2aac1c804d4f5719a3513535acdddacc929?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-255"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:fa5bba068d4ebf7624ad20c72af47a984e460bdbfafa90c83b7b78a9113354e2_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:fa5bba068d4ebf7624ad20c72af47a984e460bdbfafa90c83b7b78a9113354e2_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:fa5bba068d4ebf7624ad20c72af47a984e460bdbfafa90c83b7b78a9113354e2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:fa5bba068d4ebf7624ad20c72af47a984e460bdbfafa90c83b7b78a9113354e2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-218"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:eb058d7d6145d35624567de74ed139aff8186062a0496663d45b1d6f9b2ae68c_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:eb058d7d6145d35624567de74ed139aff8186062a0496663d45b1d6f9b2ae68c_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:eb058d7d6145d35624567de74ed139aff8186062a0496663d45b1d6f9b2ae68c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:eb058d7d6145d35624567de74ed139aff8186062a0496663d45b1d6f9b2ae68c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-434"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:d9a90877a5db128fb17576b608a7ee73271939458e2f499629ce5ea43f387964_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:d9a90877a5db128fb17576b608a7ee73271939458e2f499629ce5ea43f387964_s390x",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:d9a90877a5db128fb17576b608a7ee73271939458e2f499629ce5ea43f387964_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:d9a90877a5db128fb17576b608a7ee73271939458e2f499629ce5ea43f387964?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.8-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:000cbef2e53822c62a07d9c46bcd368a3ad33b3a8a382be0ad5f6ef47fcd780e_s390x",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:000cbef2e53822c62a07d9c46bcd368a3ad33b3a8a382be0ad5f6ef47fcd780e_s390x",
"product_id": "openshift-logging/vector-rhel8@sha256:000cbef2e53822c62a07d9c46bcd368a3ad33b3a8a382be0ad5f6ef47fcd780e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:000cbef2e53822c62a07d9c46bcd368a3ad33b3a8a382be0ad5f6ef47fcd780e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.28.1-61"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:ee3d28b620b03e7b2e2e8e87554942515d6022377a66aa0a2d986349dd062639_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:ee3d28b620b03e7b2e2e8e87554942515d6022377a66aa0a2d986349dd062639_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:ee3d28b620b03e7b2e2e8e87554942515d6022377a66aa0a2d986349dd062639_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:ee3d28b620b03e7b2e2e8e87554942515d6022377a66aa0a2d986349dd062639?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.14-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:e361d6a863f360303a4fd5bf746dce961ac278a645ffb9c6ec87f9a58070f923_s390x",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:e361d6a863f360303a4fd5bf746dce961ac278a645ffb9c6ec87f9a58070f923_s390x",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:e361d6a863f360303a4fd5bf746dce961ac278a645ffb9c6ec87f9a58070f923_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:e361d6a863f360303a4fd5bf746dce961ac278a645ffb9c6ec87f9a58070f923?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.14-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:f34b71eb747790497c24715708011a68c050e0149c7561aad6b07315fb6d43c8_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:f34b71eb747790497c24715708011a68c050e0149c7561aad6b07315fb6d43c8_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:f34b71eb747790497c24715708011a68c050e0149c7561aad6b07315fb6d43c8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:f34b71eb747790497c24715708011a68c050e0149c7561aad6b07315fb6d43c8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-547"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:806aaebf9ab2dc1fd654ccd6915490ab90bf1ad1bb5dd1c434e7af5d475b5ae0_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:806aaebf9ab2dc1fd654ccd6915490ab90bf1ad1bb5dd1c434e7af5d475b5ae0_s390x",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:806aaebf9ab2dc1fd654ccd6915490ab90bf1ad1bb5dd1c434e7af5d475b5ae0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:806aaebf9ab2dc1fd654ccd6915490ab90bf1ad1bb5dd1c434e7af5d475b5ae0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-240"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:ed41b5450aa91a1dbb519acd184f87f96e090be3d099e88dc27a005bdc9bab15_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:ed41b5450aa91a1dbb519acd184f87f96e090be3d099e88dc27a005bdc9bab15_arm64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:ed41b5450aa91a1dbb519acd184f87f96e090be3d099e88dc27a005bdc9bab15_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:ed41b5450aa91a1dbb519acd184f87f96e090be3d099e88dc27a005bdc9bab15?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.14-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:3be80c8c50ed785eba9d289656cc87477b5a3a1bdd71fd91d048c66687ce4646_arm64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:3be80c8c50ed785eba9d289656cc87477b5a3a1bdd71fd91d048c66687ce4646_arm64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:3be80c8c50ed785eba9d289656cc87477b5a3a1bdd71fd91d048c66687ce4646_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:3be80c8c50ed785eba9d289656cc87477b5a3a1bdd71fd91d048c66687ce4646?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.14-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6934dffdc619dad6e81ae2032708d41e487b2709c14794819accdaa60aae582e_arm64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6934dffdc619dad6e81ae2032708d41e487b2709c14794819accdaa60aae582e_arm64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6934dffdc619dad6e81ae2032708d41e487b2709c14794819accdaa60aae582e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:6934dffdc619dad6e81ae2032708d41e487b2709c14794819accdaa60aae582e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-485"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:1ddec93f26b66624a8ffc6d6af6141f71df2bd0661f3038d327c787d1b61edd1_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:1ddec93f26b66624a8ffc6d6af6141f71df2bd0661f3038d327c787d1b61edd1_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:1ddec93f26b66624a8ffc6d6af6141f71df2bd0661f3038d327c787d1b61edd1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:1ddec93f26b66624a8ffc6d6af6141f71df2bd0661f3038d327c787d1b61edd1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-235"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:75e342825c86def4e8bd85f19377e2f79931acfa5420fe1bb7af64011560db3d_arm64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:75e342825c86def4e8bd85f19377e2f79931acfa5420fe1bb7af64011560db3d_arm64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:75e342825c86def4e8bd85f19377e2f79931acfa5420fe1bb7af64011560db3d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:75e342825c86def4e8bd85f19377e2f79931acfa5420fe1bb7af64011560db3d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-477"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3b42c3d5afc01b5e025f4694454c34c4577e7902d2004620e1d97940b9fa13ab_arm64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3b42c3d5afc01b5e025f4694454c34c4577e7902d2004620e1d97940b9fa13ab_arm64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:3b42c3d5afc01b5e025f4694454c34c4577e7902d2004620e1d97940b9fa13ab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:3b42c3d5afc01b5e025f4694454c34c4577e7902d2004620e1d97940b9fa13ab?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-413"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:20eb0257f8ca0dce4e5d979a579b2d868c7b5313a661b2ab9dfb3c6f97bd0d69_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:20eb0257f8ca0dce4e5d979a579b2d868c7b5313a661b2ab9dfb3c6f97bd0d69_arm64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:20eb0257f8ca0dce4e5d979a579b2d868c7b5313a661b2ab9dfb3c6f97bd0d69_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:20eb0257f8ca0dce4e5d979a579b2d868c7b5313a661b2ab9dfb3c6f97bd0d69?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-255"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:4dbb10ac48ebedcd08e4d93d7958876d7c489b3c0764a703979c4cc16b2faef5_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:4dbb10ac48ebedcd08e4d93d7958876d7c489b3c0764a703979c4cc16b2faef5_arm64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:4dbb10ac48ebedcd08e4d93d7958876d7c489b3c0764a703979c4cc16b2faef5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:4dbb10ac48ebedcd08e4d93d7958876d7c489b3c0764a703979c4cc16b2faef5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-218"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:c92d7b58be4a5dd715101723b187cf930e7b86ffa6e7a7b3119b7512c0f68639_arm64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:c92d7b58be4a5dd715101723b187cf930e7b86ffa6e7a7b3119b7512c0f68639_arm64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:c92d7b58be4a5dd715101723b187cf930e7b86ffa6e7a7b3119b7512c0f68639_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:c92d7b58be4a5dd715101723b187cf930e7b86ffa6e7a7b3119b7512c0f68639?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-434"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:f5f7a3f069eb73b92aeaff8b8a6ad55459eb526928491abb0589b28017fbe705_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:f5f7a3f069eb73b92aeaff8b8a6ad55459eb526928491abb0589b28017fbe705_arm64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:f5f7a3f069eb73b92aeaff8b8a6ad55459eb526928491abb0589b28017fbe705_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:f5f7a3f069eb73b92aeaff8b8a6ad55459eb526928491abb0589b28017fbe705?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.9.8-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:f635cf3c647aeb72a6af00d97b4966dae041fe8d42722bded29c0de31181a7f0_arm64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:f635cf3c647aeb72a6af00d97b4966dae041fe8d42722bded29c0de31181a7f0_arm64",
"product_id": "openshift-logging/vector-rhel8@sha256:f635cf3c647aeb72a6af00d97b4966dae041fe8d42722bded29c0de31181a7f0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:f635cf3c647aeb72a6af00d97b4966dae041fe8d42722bded29c0de31181a7f0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.28.1-61"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:1493fa1da9844aec3b3cb7506d40cc457aeef5204b5441cae47dbdb6a9ab249b_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:1493fa1da9844aec3b3cb7506d40cc457aeef5204b5441cae47dbdb6a9ab249b_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:1493fa1da9844aec3b3cb7506d40cc457aeef5204b5441cae47dbdb6a9ab249b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:1493fa1da9844aec3b3cb7506d40cc457aeef5204b5441cae47dbdb6a9ab249b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.14-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:48af23673bf8432a192fed8ab9cb9f4a633ef8f26293253c268bc46360bb835e_arm64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:48af23673bf8432a192fed8ab9cb9f4a633ef8f26293253c268bc46360bb835e_arm64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:48af23673bf8432a192fed8ab9cb9f4a633ef8f26293253c268bc46360bb835e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:48af23673bf8432a192fed8ab9cb9f4a633ef8f26293253c268bc46360bb835e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.14-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:96e662c9dd20c2f94edcd83660b3e99ab0e0134a641d25ab3a391581f52055af_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:96e662c9dd20c2f94edcd83660b3e99ab0e0134a641d25ab3a391581f52055af_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:96e662c9dd20c2f94edcd83660b3e99ab0e0134a641d25ab3a391581f52055af_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:96e662c9dd20c2f94edcd83660b3e99ab0e0134a641d25ab3a391581f52055af?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-547"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:e8e0d825d5c55f09547af8d267486a3c33cdfb5c4733b8f85eac817cf9bf93e5_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:e8e0d825d5c55f09547af8d267486a3c33cdfb5c4733b8f85eac817cf9bf93e5_arm64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:e8e0d825d5c55f09547af8d267486a3c33cdfb5c4733b8f85eac817cf9bf93e5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:e8e0d825d5c55f09547af8d267486a3c33cdfb5c4733b8f85eac817cf9bf93e5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-240"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:6349e0dfa8a940002570e6a0d5d7b91cf9f1fc2186da823150be95c55e7eec64_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:6349e0dfa8a940002570e6a0d5d7b91cf9f1fc2186da823150be95c55e7eec64_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:6349e0dfa8a940002570e6a0d5d7b91cf9f1fc2186da823150be95c55e7eec64_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5484c76cad28fa452c48f67d95295583dfbc6d34db22495eccfffec051893c49_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:5484c76cad28fa452c48f67d95295583dfbc6d34db22495eccfffec051893c49_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:5484c76cad28fa452c48f67d95295583dfbc6d34db22495eccfffec051893c49_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:a1aafbebeca86cf4b52600bca4c3014881c1ffca7587d2d382275a3d247d72e9_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:a1aafbebeca86cf4b52600bca4c3014881c1ffca7587d2d382275a3d247d72e9_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:a1aafbebeca86cf4b52600bca4c3014881c1ffca7587d2d382275a3d247d72e9_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:bcf26dae2241ded8335e3236944639643ce63027a24645d2de0d013589e79876_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:bcf26dae2241ded8335e3236944639643ce63027a24645d2de0d013589e79876_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:bcf26dae2241ded8335e3236944639643ce63027a24645d2de0d013589e79876_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:ed41b5450aa91a1dbb519acd184f87f96e090be3d099e88dc27a005bdc9bab15_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ed41b5450aa91a1dbb519acd184f87f96e090be3d099e88dc27a005bdc9bab15_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:ed41b5450aa91a1dbb519acd184f87f96e090be3d099e88dc27a005bdc9bab15_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:a846c915cb692856eb1907726dc06c35564da1e40bbec7e1fe05b3b64327b8d4_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:a846c915cb692856eb1907726dc06c35564da1e40bbec7e1fe05b3b64327b8d4_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:a846c915cb692856eb1907726dc06c35564da1e40bbec7e1fe05b3b64327b8d4_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:19a6691d7a3010253bf18a00a1b58896350354494375822744d08a09e0121416_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:19a6691d7a3010253bf18a00a1b58896350354494375822744d08a09e0121416_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:19a6691d7a3010253bf18a00a1b58896350354494375822744d08a09e0121416_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6433a808ccc5c4c1559c183a81671b7249c3bae1bbc0f55e982ee73dbe9700e3_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6433a808ccc5c4c1559c183a81671b7249c3bae1bbc0f55e982ee73dbe9700e3_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6433a808ccc5c4c1559c183a81671b7249c3bae1bbc0f55e982ee73dbe9700e3_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6934dffdc619dad6e81ae2032708d41e487b2709c14794819accdaa60aae582e_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6934dffdc619dad6e81ae2032708d41e487b2709c14794819accdaa60aae582e_arm64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6934dffdc619dad6e81ae2032708d41e487b2709c14794819accdaa60aae582e_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e18ecc9b852178129fdb2a2efb40f97f6814f6980681ac82eae2eef9a317a96f_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:e18ecc9b852178129fdb2a2efb40f97f6814f6980681ac82eae2eef9a317a96f_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e18ecc9b852178129fdb2a2efb40f97f6814f6980681ac82eae2eef9a317a96f_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:3be80c8c50ed785eba9d289656cc87477b5a3a1bdd71fd91d048c66687ce4646_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:3be80c8c50ed785eba9d289656cc87477b5a3a1bdd71fd91d048c66687ce4646_arm64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:3be80c8c50ed785eba9d289656cc87477b5a3a1bdd71fd91d048c66687ce4646_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6f6b013bef1ddc9ec0437c0c7727bb0f8ebf9caae8ba4cf0dd6628d6c7cd768f_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:6f6b013bef1ddc9ec0437c0c7727bb0f8ebf9caae8ba4cf0dd6628d6c7cd768f_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:6f6b013bef1ddc9ec0437c0c7727bb0f8ebf9caae8ba4cf0dd6628d6c7cd768f_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:8f107eed0efa34f6fa00003098457a58c1fd482286f590359a73c39ef225deb7_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:8f107eed0efa34f6fa00003098457a58c1fd482286f590359a73c39ef225deb7_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:8f107eed0efa34f6fa00003098457a58c1fd482286f590359a73c39ef225deb7_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:e902f46cbcf188bc6e50b2351cc20465a7a238e1521568261a50f8cd33108752_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:e902f46cbcf188bc6e50b2351cc20465a7a238e1521568261a50f8cd33108752_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:e902f46cbcf188bc6e50b2351cc20465a7a238e1521568261a50f8cd33108752_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:1c6c3634aae0f7a47fba4f1a06530e742a0042896291579642a605b53105c019_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:1c6c3634aae0f7a47fba4f1a06530e742a0042896291579642a605b53105c019_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:1c6c3634aae0f7a47fba4f1a06530e742a0042896291579642a605b53105c019_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3b42c3d5afc01b5e025f4694454c34c4577e7902d2004620e1d97940b9fa13ab_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:3b42c3d5afc01b5e025f4694454c34c4577e7902d2004620e1d97940b9fa13ab_arm64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:3b42c3d5afc01b5e025f4694454c34c4577e7902d2004620e1d97940b9fa13ab_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c0fc4eb8c0283e8cc9b08a1fe1cc49bd498d28d1233affaaf02b338de1cee5e9_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:c0fc4eb8c0283e8cc9b08a1fe1cc49bd498d28d1233affaaf02b338de1cee5e9_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:c0fc4eb8c0283e8cc9b08a1fe1cc49bd498d28d1233affaaf02b338de1cee5e9_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:e2839a1a45aba4a367003abc7bc4e15531d6f278de1779f4c063ab6a002e960a_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:e2839a1a45aba4a367003abc7bc4e15531d6f278de1779f4c063ab6a002e960a_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:e2839a1a45aba4a367003abc7bc4e15531d6f278de1779f4c063ab6a002e960a_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:1194cc3737cb2317e3f4b9760d2ac2aac1c804d4f5719a3513535acdddacc929_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:1194cc3737cb2317e3f4b9760d2ac2aac1c804d4f5719a3513535acdddacc929_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:1194cc3737cb2317e3f4b9760d2ac2aac1c804d4f5719a3513535acdddacc929_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:20eb0257f8ca0dce4e5d979a579b2d868c7b5313a661b2ab9dfb3c6f97bd0d69_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:20eb0257f8ca0dce4e5d979a579b2d868c7b5313a661b2ab9dfb3c6f97bd0d69_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:20eb0257f8ca0dce4e5d979a579b2d868c7b5313a661b2ab9dfb3c6f97bd0d69_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:492d612cc28ad4158d2fb071704ada6d667d939000ff4af20ab9ed3dc1c4a53d_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:492d612cc28ad4158d2fb071704ada6d667d939000ff4af20ab9ed3dc1c4a53d_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:492d612cc28ad4158d2fb071704ada6d667d939000ff4af20ab9ed3dc1c4a53d_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ec95c7ff9c5a13a3cf11e89aff97d792f63cf89fb654f063aa662d134a335ee8_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:ec95c7ff9c5a13a3cf11e89aff97d792f63cf89fb654f063aa662d134a335ee8_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:ec95c7ff9c5a13a3cf11e89aff97d792f63cf89fb654f063aa662d134a335ee8_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:4dbb10ac48ebedcd08e4d93d7958876d7c489b3c0764a703979c4cc16b2faef5_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:4dbb10ac48ebedcd08e4d93d7958876d7c489b3c0764a703979c4cc16b2faef5_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:4dbb10ac48ebedcd08e4d93d7958876d7c489b3c0764a703979c4cc16b2faef5_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:95cd644aef3ed635fab4a04e8dd9e63a79812e2671a706dcecfcfb462fa9f287_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:95cd644aef3ed635fab4a04e8dd9e63a79812e2671a706dcecfcfb462fa9f287_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:95cd644aef3ed635fab4a04e8dd9e63a79812e2671a706dcecfcfb462fa9f287_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:bdb22f54ed17a76cb18e86f0a66ce6a5d1e12996b1c730c188096a78587bc220_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:bdb22f54ed17a76cb18e86f0a66ce6a5d1e12996b1c730c188096a78587bc220_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:bdb22f54ed17a76cb18e86f0a66ce6a5d1e12996b1c730c188096a78587bc220_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:fa5bba068d4ebf7624ad20c72af47a984e460bdbfafa90c83b7b78a9113354e2_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:fa5bba068d4ebf7624ad20c72af47a984e460bdbfafa90c83b7b78a9113354e2_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:fa5bba068d4ebf7624ad20c72af47a984e460bdbfafa90c83b7b78a9113354e2_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:c92d7b58be4a5dd715101723b187cf930e7b86ffa6e7a7b3119b7512c0f68639_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c92d7b58be4a5dd715101723b187cf930e7b86ffa6e7a7b3119b7512c0f68639_arm64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:c92d7b58be4a5dd715101723b187cf930e7b86ffa6e7a7b3119b7512c0f68639_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:eb058d7d6145d35624567de74ed139aff8186062a0496663d45b1d6f9b2ae68c_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:eb058d7d6145d35624567de74ed139aff8186062a0496663d45b1d6f9b2ae68c_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:eb058d7d6145d35624567de74ed139aff8186062a0496663d45b1d6f9b2ae68c_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:ec811d44ffc9fb926808773bdb33789411c07d46809c7318bdb9568575204fc7_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:ec811d44ffc9fb926808773bdb33789411c07d46809c7318bdb9568575204fc7_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:ec811d44ffc9fb926808773bdb33789411c07d46809c7318bdb9568575204fc7_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:fa617e29c09c782bc28c3a7d908be7809537e10fb46beb3fa74b391b90a86efb_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fa617e29c09c782bc28c3a7d908be7809537e10fb46beb3fa74b391b90a86efb_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:fa617e29c09c782bc28c3a7d908be7809537e10fb46beb3fa74b391b90a86efb_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:1ddec93f26b66624a8ffc6d6af6141f71df2bd0661f3038d327c787d1b61edd1_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:1ddec93f26b66624a8ffc6d6af6141f71df2bd0661f3038d327c787d1b61edd1_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:1ddec93f26b66624a8ffc6d6af6141f71df2bd0661f3038d327c787d1b61edd1_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4c0406ba6d9fca3d6d95b9c8f2b9a3c5d4a1c84727800fe0d45bc412d31dd28d_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:4c0406ba6d9fca3d6d95b9c8f2b9a3c5d4a1c84727800fe0d45bc412d31dd28d_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4c0406ba6d9fca3d6d95b9c8f2b9a3c5d4a1c84727800fe0d45bc412d31dd28d_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:6485741ec168a35fae0467dd8e23a74f143cadfd5faa298749bdced24eb7ce3c_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:6485741ec168a35fae0467dd8e23a74f143cadfd5faa298749bdced24eb7ce3c_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:6485741ec168a35fae0467dd8e23a74f143cadfd5faa298749bdced24eb7ce3c_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:dbeff8644fe3cfe045e9658eae6d697fe2ddb979ccf06952fc955ebe1aa0aa3e_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:dbeff8644fe3cfe045e9658eae6d697fe2ddb979ccf06952fc955ebe1aa0aa3e_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:dbeff8644fe3cfe045e9658eae6d697fe2ddb979ccf06952fc955ebe1aa0aa3e_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:494df23374cd1164ad802e252228112874083613f616a9beefa0737dd85d00f8_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:494df23374cd1164ad802e252228112874083613f616a9beefa0737dd85d00f8_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:494df23374cd1164ad802e252228112874083613f616a9beefa0737dd85d00f8_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:75e342825c86def4e8bd85f19377e2f79931acfa5420fe1bb7af64011560db3d_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:75e342825c86def4e8bd85f19377e2f79931acfa5420fe1bb7af64011560db3d_arm64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:75e342825c86def4e8bd85f19377e2f79931acfa5420fe1bb7af64011560db3d_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7ff67be12dd4c12b90788655f8269216d60d2008481e34e5213798d99b73f085_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:7ff67be12dd4c12b90788655f8269216d60d2008481e34e5213798d99b73f085_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:7ff67be12dd4c12b90788655f8269216d60d2008481e34e5213798d99b73f085_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:dcaf9ccda446a2b6ba0f31eea480c496011a3a2c5751dab7ecd4826c4fe1e897_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:dcaf9ccda446a2b6ba0f31eea480c496011a3a2c5751dab7ecd4826c4fe1e897_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:dcaf9ccda446a2b6ba0f31eea480c496011a3a2c5751dab7ecd4826c4fe1e897_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:293d0312079920e56e13c867dfc0f7d296c83db41af840eb01013d6a992afa24_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:293d0312079920e56e13c867dfc0f7d296c83db41af840eb01013d6a992afa24_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:293d0312079920e56e13c867dfc0f7d296c83db41af840eb01013d6a992afa24_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:909e4ffde6fe17c9449e8838805ec37e749a7a3bc1794e76df5a1214264f662f_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:909e4ffde6fe17c9449e8838805ec37e749a7a3bc1794e76df5a1214264f662f_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:909e4ffde6fe17c9449e8838805ec37e749a7a3bc1794e76df5a1214264f662f_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:d9a90877a5db128fb17576b608a7ee73271939458e2f499629ce5ea43f387964_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d9a90877a5db128fb17576b608a7ee73271939458e2f499629ce5ea43f387964_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:d9a90877a5db128fb17576b608a7ee73271939458e2f499629ce5ea43f387964_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:f5f7a3f069eb73b92aeaff8b8a6ad55459eb526928491abb0589b28017fbe705_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f5f7a3f069eb73b92aeaff8b8a6ad55459eb526928491abb0589b28017fbe705_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:f5f7a3f069eb73b92aeaff8b8a6ad55459eb526928491abb0589b28017fbe705_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:1493fa1da9844aec3b3cb7506d40cc457aeef5204b5441cae47dbdb6a9ab249b_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:1493fa1da9844aec3b3cb7506d40cc457aeef5204b5441cae47dbdb6a9ab249b_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:1493fa1da9844aec3b3cb7506d40cc457aeef5204b5441cae47dbdb6a9ab249b_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:c4eb628e9e1b3ee30676098151cb7a4f9b05c25e464555899becf6361c04ab97_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:c4eb628e9e1b3ee30676098151cb7a4f9b05c25e464555899becf6361c04ab97_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:c4eb628e9e1b3ee30676098151cb7a4f9b05c25e464555899becf6361c04ab97_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:ee3d28b620b03e7b2e2e8e87554942515d6022377a66aa0a2d986349dd062639_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ee3d28b620b03e7b2e2e8e87554942515d6022377a66aa0a2d986349dd062639_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:ee3d28b620b03e7b2e2e8e87554942515d6022377a66aa0a2d986349dd062639_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:f54f746094413f0e99c70e1fe31fe867c058c851f63a4512368afc2c26a94795_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54f746094413f0e99c70e1fe31fe867c058c851f63a4512368afc2c26a94795_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:f54f746094413f0e99c70e1fe31fe867c058c851f63a4512368afc2c26a94795_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:8cbc36a64caf3e7de5b297976d7029ac88d01aa94da35f0d2601442d23bcdabe_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:8cbc36a64caf3e7de5b297976d7029ac88d01aa94da35f0d2601442d23bcdabe_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:8cbc36a64caf3e7de5b297976d7029ac88d01aa94da35f0d2601442d23bcdabe_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:48af23673bf8432a192fed8ab9cb9f4a633ef8f26293253c268bc46360bb835e_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:48af23673bf8432a192fed8ab9cb9f4a633ef8f26293253c268bc46360bb835e_arm64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:48af23673bf8432a192fed8ab9cb9f4a633ef8f26293253c268bc46360bb835e_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:7a6a51ce23fb6e602c3ae8ceafa1c936fbedfbed49cca867c7e1577b444ec3b2_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:7a6a51ce23fb6e602c3ae8ceafa1c936fbedfbed49cca867c7e1577b444ec3b2_amd64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:7a6a51ce23fb6e602c3ae8ceafa1c936fbedfbed49cca867c7e1577b444ec3b2_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:e361d6a863f360303a4fd5bf746dce961ac278a645ffb9c6ec87f9a58070f923_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:e361d6a863f360303a4fd5bf746dce961ac278a645ffb9c6ec87f9a58070f923_s390x"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:e361d6a863f360303a4fd5bf746dce961ac278a645ffb9c6ec87f9a58070f923_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:f2e57a021477b3884aa2ba88b3052ba8b14a50898659faaee1b31259b6461767_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:f2e57a021477b3884aa2ba88b3052ba8b14a50898659faaee1b31259b6461767_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:f2e57a021477b3884aa2ba88b3052ba8b14a50898659faaee1b31259b6461767_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:3b623354def976e6cc8ffcc6cdefb7573c4d43340733f00236c68870ff9fb1ba_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:3b623354def976e6cc8ffcc6cdefb7573c4d43340733f00236c68870ff9fb1ba_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:3b623354def976e6cc8ffcc6cdefb7573c4d43340733f00236c68870ff9fb1ba_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:851f91c9b8fb0fc5c73c1357d41f79f8b98d0e27b440259de6c951e77ca6227a_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:851f91c9b8fb0fc5c73c1357d41f79f8b98d0e27b440259de6c951e77ca6227a_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:851f91c9b8fb0fc5c73c1357d41f79f8b98d0e27b440259de6c951e77ca6227a_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:96e662c9dd20c2f94edcd83660b3e99ab0e0134a641d25ab3a391581f52055af_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:96e662c9dd20c2f94edcd83660b3e99ab0e0134a641d25ab3a391581f52055af_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:96e662c9dd20c2f94edcd83660b3e99ab0e0134a641d25ab3a391581f52055af_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:f34b71eb747790497c24715708011a68c050e0149c7561aad6b07315fb6d43c8_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:f34b71eb747790497c24715708011a68c050e0149c7561aad6b07315fb6d43c8_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:f34b71eb747790497c24715708011a68c050e0149c7561aad6b07315fb6d43c8_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:806aaebf9ab2dc1fd654ccd6915490ab90bf1ad1bb5dd1c434e7af5d475b5ae0_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:806aaebf9ab2dc1fd654ccd6915490ab90bf1ad1bb5dd1c434e7af5d475b5ae0_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:806aaebf9ab2dc1fd654ccd6915490ab90bf1ad1bb5dd1c434e7af5d475b5ae0_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:969593b2998dd62e5a823d20632225e0251814077687578370603795c6861fc2_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:969593b2998dd62e5a823d20632225e0251814077687578370603795c6861fc2_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:969593b2998dd62e5a823d20632225e0251814077687578370603795c6861fc2_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:e8e0d825d5c55f09547af8d267486a3c33cdfb5c4733b8f85eac817cf9bf93e5_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:e8e0d825d5c55f09547af8d267486a3c33cdfb5c4733b8f85eac817cf9bf93e5_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:e8e0d825d5c55f09547af8d267486a3c33cdfb5c4733b8f85eac817cf9bf93e5_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:f4bfb9910a0c3f6bd73769abea0f8b42e562560d94059a423b2498fb93a7b949_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:f4bfb9910a0c3f6bd73769abea0f8b42e562560d94059a423b2498fb93a7b949_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:f4bfb9910a0c3f6bd73769abea0f8b42e562560d94059a423b2498fb93a7b949_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:000cbef2e53822c62a07d9c46bcd368a3ad33b3a8a382be0ad5f6ef47fcd780e_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:000cbef2e53822c62a07d9c46bcd368a3ad33b3a8a382be0ad5f6ef47fcd780e_s390x"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:000cbef2e53822c62a07d9c46bcd368a3ad33b3a8a382be0ad5f6ef47fcd780e_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:a4beab96eeafe47c939aef8c17bff4f20bf98ef0c4e5583c7208d07bb27b0586_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:a4beab96eeafe47c939aef8c17bff4f20bf98ef0c4e5583c7208d07bb27b0586_amd64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:a4beab96eeafe47c939aef8c17bff4f20bf98ef0c4e5583c7208d07bb27b0586_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:cc9253be2cdbceaf8ec120aabc9f4fdd603f3b9ec190c24fd05e95f2863b5ea9_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:cc9253be2cdbceaf8ec120aabc9f4fdd603f3b9ec190c24fd05e95f2863b5ea9_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:cc9253be2cdbceaf8ec120aabc9f4fdd603f3b9ec190c24fd05e95f2863b5ea9_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:f635cf3c647aeb72a6af00d97b4966dae041fe8d42722bded29c0de31181a7f0_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:f635cf3c647aeb72a6af00d97b4966dae041fe8d42722bded29c0de31181a7f0_arm64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:f635cf3c647aeb72a6af00d97b4966dae041fe8d42722bded29c0de31181a7f0_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:6349e0dfa8a940002570e6a0d5d7b91cf9f1fc2186da823150be95c55e7eec64_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:5484c76cad28fa452c48f67d95295583dfbc6d34db22495eccfffec051893c49_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:a1aafbebeca86cf4b52600bca4c3014881c1ffca7587d2d382275a3d247d72e9_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:bcf26dae2241ded8335e3236944639643ce63027a24645d2de0d013589e79876_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ed41b5450aa91a1dbb519acd184f87f96e090be3d099e88dc27a005bdc9bab15_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:a846c915cb692856eb1907726dc06c35564da1e40bbec7e1fe05b3b64327b8d4_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:19a6691d7a3010253bf18a00a1b58896350354494375822744d08a09e0121416_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6433a808ccc5c4c1559c183a81671b7249c3bae1bbc0f55e982ee73dbe9700e3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6934dffdc619dad6e81ae2032708d41e487b2709c14794819accdaa60aae582e_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:e18ecc9b852178129fdb2a2efb40f97f6814f6980681ac82eae2eef9a317a96f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:3be80c8c50ed785eba9d289656cc87477b5a3a1bdd71fd91d048c66687ce4646_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:6f6b013bef1ddc9ec0437c0c7727bb0f8ebf9caae8ba4cf0dd6628d6c7cd768f_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:8f107eed0efa34f6fa00003098457a58c1fd482286f590359a73c39ef225deb7_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:e902f46cbcf188bc6e50b2351cc20465a7a238e1521568261a50f8cd33108752_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:1c6c3634aae0f7a47fba4f1a06530e742a0042896291579642a605b53105c019_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:3b42c3d5afc01b5e025f4694454c34c4577e7902d2004620e1d97940b9fa13ab_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:c0fc4eb8c0283e8cc9b08a1fe1cc49bd498d28d1233affaaf02b338de1cee5e9_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:e2839a1a45aba4a367003abc7bc4e15531d6f278de1779f4c063ab6a002e960a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:1194cc3737cb2317e3f4b9760d2ac2aac1c804d4f5719a3513535acdddacc929_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:20eb0257f8ca0dce4e5d979a579b2d868c7b5313a661b2ab9dfb3c6f97bd0d69_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:492d612cc28ad4158d2fb071704ada6d667d939000ff4af20ab9ed3dc1c4a53d_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:ec95c7ff9c5a13a3cf11e89aff97d792f63cf89fb654f063aa662d134a335ee8_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:4dbb10ac48ebedcd08e4d93d7958876d7c489b3c0764a703979c4cc16b2faef5_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:95cd644aef3ed635fab4a04e8dd9e63a79812e2671a706dcecfcfb462fa9f287_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:bdb22f54ed17a76cb18e86f0a66ce6a5d1e12996b1c730c188096a78587bc220_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:fa5bba068d4ebf7624ad20c72af47a984e460bdbfafa90c83b7b78a9113354e2_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c92d7b58be4a5dd715101723b187cf930e7b86ffa6e7a7b3119b7512c0f68639_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:eb058d7d6145d35624567de74ed139aff8186062a0496663d45b1d6f9b2ae68c_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:ec811d44ffc9fb926808773bdb33789411c07d46809c7318bdb9568575204fc7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fa617e29c09c782bc28c3a7d908be7809537e10fb46beb3fa74b391b90a86efb_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:1ddec93f26b66624a8ffc6d6af6141f71df2bd0661f3038d327c787d1b61edd1_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:4c0406ba6d9fca3d6d95b9c8f2b9a3c5d4a1c84727800fe0d45bc412d31dd28d_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:6485741ec168a35fae0467dd8e23a74f143cadfd5faa298749bdced24eb7ce3c_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:dbeff8644fe3cfe045e9658eae6d697fe2ddb979ccf06952fc955ebe1aa0aa3e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:494df23374cd1164ad802e252228112874083613f616a9beefa0737dd85d00f8_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:75e342825c86def4e8bd85f19377e2f79931acfa5420fe1bb7af64011560db3d_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:7ff67be12dd4c12b90788655f8269216d60d2008481e34e5213798d99b73f085_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:dcaf9ccda446a2b6ba0f31eea480c496011a3a2c5751dab7ecd4826c4fe1e897_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:293d0312079920e56e13c867dfc0f7d296c83db41af840eb01013d6a992afa24_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:909e4ffde6fe17c9449e8838805ec37e749a7a3bc1794e76df5a1214264f662f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d9a90877a5db128fb17576b608a7ee73271939458e2f499629ce5ea43f387964_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f5f7a3f069eb73b92aeaff8b8a6ad55459eb526928491abb0589b28017fbe705_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:1493fa1da9844aec3b3cb7506d40cc457aeef5204b5441cae47dbdb6a9ab249b_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:c4eb628e9e1b3ee30676098151cb7a4f9b05c25e464555899becf6361c04ab97_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ee3d28b620b03e7b2e2e8e87554942515d6022377a66aa0a2d986349dd062639_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54f746094413f0e99c70e1fe31fe867c058c851f63a4512368afc2c26a94795_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:8cbc36a64caf3e7de5b297976d7029ac88d01aa94da35f0d2601442d23bcdabe_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:48af23673bf8432a192fed8ab9cb9f4a633ef8f26293253c268bc46360bb835e_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:7a6a51ce23fb6e602c3ae8ceafa1c936fbedfbed49cca867c7e1577b444ec3b2_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:e361d6a863f360303a4fd5bf746dce961ac278a645ffb9c6ec87f9a58070f923_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:f2e57a021477b3884aa2ba88b3052ba8b14a50898659faaee1b31259b6461767_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:3b623354def976e6cc8ffcc6cdefb7573c4d43340733f00236c68870ff9fb1ba_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:851f91c9b8fb0fc5c73c1357d41f79f8b98d0e27b440259de6c951e77ca6227a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:96e662c9dd20c2f94edcd83660b3e99ab0e0134a641d25ab3a391581f52055af_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:f34b71eb747790497c24715708011a68c050e0149c7561aad6b07315fb6d43c8_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:806aaebf9ab2dc1fd654ccd6915490ab90bf1ad1bb5dd1c434e7af5d475b5ae0_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:969593b2998dd62e5a823d20632225e0251814077687578370603795c6861fc2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:e8e0d825d5c55f09547af8d267486a3c33cdfb5c4733b8f85eac817cf9bf93e5_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:f4bfb9910a0c3f6bd73769abea0f8b42e562560d94059a423b2498fb93a7b949_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:000cbef2e53822c62a07d9c46bcd368a3ad33b3a8a382be0ad5f6ef47fcd780e_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:a4beab96eeafe47c939aef8c17bff4f20bf98ef0c4e5583c7208d07bb27b0586_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:cc9253be2cdbceaf8ec120aabc9f4fdd603f3b9ec190c24fd05e95f2863b5ea9_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:f635cf3c647aeb72a6af00d97b4966dae041fe8d42722bded29c0de31181a7f0_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-23T07:14:02+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html\n\nFor Red Hat OpenShift Logging 5.7, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.12/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:6349e0dfa8a940002570e6a0d5d7b91cf9f1fc2186da823150be95c55e7eec64_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:5484c76cad28fa452c48f67d95295583dfbc6d34db22495eccfffec051893c49_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:a1aafbebeca86cf4b52600bca4c3014881c1ffca7587d2d382275a3d247d72e9_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:bcf26dae2241ded8335e3236944639643ce63027a24645d2de0d013589e79876_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ed41b5450aa91a1dbb519acd184f87f96e090be3d099e88dc27a005bdc9bab15_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:a846c915cb692856eb1907726dc06c35564da1e40bbec7e1fe05b3b64327b8d4_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:19a6691d7a3010253bf18a00a1b58896350354494375822744d08a09e0121416_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6433a808ccc5c4c1559c183a81671b7249c3bae1bbc0f55e982ee73dbe9700e3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6934dffdc619dad6e81ae2032708d41e487b2709c14794819accdaa60aae582e_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:e18ecc9b852178129fdb2a2efb40f97f6814f6980681ac82eae2eef9a317a96f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:3be80c8c50ed785eba9d289656cc87477b5a3a1bdd71fd91d048c66687ce4646_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:6f6b013bef1ddc9ec0437c0c7727bb0f8ebf9caae8ba4cf0dd6628d6c7cd768f_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:8f107eed0efa34f6fa00003098457a58c1fd482286f590359a73c39ef225deb7_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:e902f46cbcf188bc6e50b2351cc20465a7a238e1521568261a50f8cd33108752_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:1c6c3634aae0f7a47fba4f1a06530e742a0042896291579642a605b53105c019_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:3b42c3d5afc01b5e025f4694454c34c4577e7902d2004620e1d97940b9fa13ab_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:c0fc4eb8c0283e8cc9b08a1fe1cc49bd498d28d1233affaaf02b338de1cee5e9_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:e2839a1a45aba4a367003abc7bc4e15531d6f278de1779f4c063ab6a002e960a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:1194cc3737cb2317e3f4b9760d2ac2aac1c804d4f5719a3513535acdddacc929_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:20eb0257f8ca0dce4e5d979a579b2d868c7b5313a661b2ab9dfb3c6f97bd0d69_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:492d612cc28ad4158d2fb071704ada6d667d939000ff4af20ab9ed3dc1c4a53d_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:ec95c7ff9c5a13a3cf11e89aff97d792f63cf89fb654f063aa662d134a335ee8_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:4dbb10ac48ebedcd08e4d93d7958876d7c489b3c0764a703979c4cc16b2faef5_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:95cd644aef3ed635fab4a04e8dd9e63a79812e2671a706dcecfcfb462fa9f287_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:bdb22f54ed17a76cb18e86f0a66ce6a5d1e12996b1c730c188096a78587bc220_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:fa5bba068d4ebf7624ad20c72af47a984e460bdbfafa90c83b7b78a9113354e2_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c92d7b58be4a5dd715101723b187cf930e7b86ffa6e7a7b3119b7512c0f68639_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:eb058d7d6145d35624567de74ed139aff8186062a0496663d45b1d6f9b2ae68c_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:ec811d44ffc9fb926808773bdb33789411c07d46809c7318bdb9568575204fc7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fa617e29c09c782bc28c3a7d908be7809537e10fb46beb3fa74b391b90a86efb_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:1ddec93f26b66624a8ffc6d6af6141f71df2bd0661f3038d327c787d1b61edd1_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:4c0406ba6d9fca3d6d95b9c8f2b9a3c5d4a1c84727800fe0d45bc412d31dd28d_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:6485741ec168a35fae0467dd8e23a74f143cadfd5faa298749bdced24eb7ce3c_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:dbeff8644fe3cfe045e9658eae6d697fe2ddb979ccf06952fc955ebe1aa0aa3e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:494df23374cd1164ad802e252228112874083613f616a9beefa0737dd85d00f8_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:75e342825c86def4e8bd85f19377e2f79931acfa5420fe1bb7af64011560db3d_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:7ff67be12dd4c12b90788655f8269216d60d2008481e34e5213798d99b73f085_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:dcaf9ccda446a2b6ba0f31eea480c496011a3a2c5751dab7ecd4826c4fe1e897_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:293d0312079920e56e13c867dfc0f7d296c83db41af840eb01013d6a992afa24_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:909e4ffde6fe17c9449e8838805ec37e749a7a3bc1794e76df5a1214264f662f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d9a90877a5db128fb17576b608a7ee73271939458e2f499629ce5ea43f387964_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f5f7a3f069eb73b92aeaff8b8a6ad55459eb526928491abb0589b28017fbe705_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:1493fa1da9844aec3b3cb7506d40cc457aeef5204b5441cae47dbdb6a9ab249b_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:c4eb628e9e1b3ee30676098151cb7a4f9b05c25e464555899becf6361c04ab97_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ee3d28b620b03e7b2e2e8e87554942515d6022377a66aa0a2d986349dd062639_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54f746094413f0e99c70e1fe31fe867c058c851f63a4512368afc2c26a94795_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:8cbc36a64caf3e7de5b297976d7029ac88d01aa94da35f0d2601442d23bcdabe_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:48af23673bf8432a192fed8ab9cb9f4a633ef8f26293253c268bc46360bb835e_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:7a6a51ce23fb6e602c3ae8ceafa1c936fbedfbed49cca867c7e1577b444ec3b2_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:e361d6a863f360303a4fd5bf746dce961ac278a645ffb9c6ec87f9a58070f923_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:f2e57a021477b3884aa2ba88b3052ba8b14a50898659faaee1b31259b6461767_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:3b623354def976e6cc8ffcc6cdefb7573c4d43340733f00236c68870ff9fb1ba_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:851f91c9b8fb0fc5c73c1357d41f79f8b98d0e27b440259de6c951e77ca6227a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:96e662c9dd20c2f94edcd83660b3e99ab0e0134a641d25ab3a391581f52055af_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:f34b71eb747790497c24715708011a68c050e0149c7561aad6b07315fb6d43c8_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:806aaebf9ab2dc1fd654ccd6915490ab90bf1ad1bb5dd1c434e7af5d475b5ae0_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:969593b2998dd62e5a823d20632225e0251814077687578370603795c6861fc2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:e8e0d825d5c55f09547af8d267486a3c33cdfb5c4733b8f85eac817cf9bf93e5_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:f4bfb9910a0c3f6bd73769abea0f8b42e562560d94059a423b2498fb93a7b949_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:000cbef2e53822c62a07d9c46bcd368a3ad33b3a8a382be0ad5f6ef47fcd780e_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:a4beab96eeafe47c939aef8c17bff4f20bf98ef0c4e5583c7208d07bb27b0586_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:cc9253be2cdbceaf8ec120aabc9f4fdd603f3b9ec190c24fd05e95f2863b5ea9_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:f635cf3c647aeb72a6af00d97b4966dae041fe8d42722bded29c0de31181a7f0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2930"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:6349e0dfa8a940002570e6a0d5d7b91cf9f1fc2186da823150be95c55e7eec64_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:5484c76cad28fa452c48f67d95295583dfbc6d34db22495eccfffec051893c49_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:a1aafbebeca86cf4b52600bca4c3014881c1ffca7587d2d382275a3d247d72e9_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:bcf26dae2241ded8335e3236944639643ce63027a24645d2de0d013589e79876_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ed41b5450aa91a1dbb519acd184f87f96e090be3d099e88dc27a005bdc9bab15_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:a846c915cb692856eb1907726dc06c35564da1e40bbec7e1fe05b3b64327b8d4_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:19a6691d7a3010253bf18a00a1b58896350354494375822744d08a09e0121416_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6433a808ccc5c4c1559c183a81671b7249c3bae1bbc0f55e982ee73dbe9700e3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6934dffdc619dad6e81ae2032708d41e487b2709c14794819accdaa60aae582e_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:e18ecc9b852178129fdb2a2efb40f97f6814f6980681ac82eae2eef9a317a96f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:3be80c8c50ed785eba9d289656cc87477b5a3a1bdd71fd91d048c66687ce4646_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:6f6b013bef1ddc9ec0437c0c7727bb0f8ebf9caae8ba4cf0dd6628d6c7cd768f_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:8f107eed0efa34f6fa00003098457a58c1fd482286f590359a73c39ef225deb7_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:e902f46cbcf188bc6e50b2351cc20465a7a238e1521568261a50f8cd33108752_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:1c6c3634aae0f7a47fba4f1a06530e742a0042896291579642a605b53105c019_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:3b42c3d5afc01b5e025f4694454c34c4577e7902d2004620e1d97940b9fa13ab_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:c0fc4eb8c0283e8cc9b08a1fe1cc49bd498d28d1233affaaf02b338de1cee5e9_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:e2839a1a45aba4a367003abc7bc4e15531d6f278de1779f4c063ab6a002e960a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:1194cc3737cb2317e3f4b9760d2ac2aac1c804d4f5719a3513535acdddacc929_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:20eb0257f8ca0dce4e5d979a579b2d868c7b5313a661b2ab9dfb3c6f97bd0d69_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:492d612cc28ad4158d2fb071704ada6d667d939000ff4af20ab9ed3dc1c4a53d_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:ec95c7ff9c5a13a3cf11e89aff97d792f63cf89fb654f063aa662d134a335ee8_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:4dbb10ac48ebedcd08e4d93d7958876d7c489b3c0764a703979c4cc16b2faef5_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:95cd644aef3ed635fab4a04e8dd9e63a79812e2671a706dcecfcfb462fa9f287_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:bdb22f54ed17a76cb18e86f0a66ce6a5d1e12996b1c730c188096a78587bc220_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:fa5bba068d4ebf7624ad20c72af47a984e460bdbfafa90c83b7b78a9113354e2_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c92d7b58be4a5dd715101723b187cf930e7b86ffa6e7a7b3119b7512c0f68639_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:eb058d7d6145d35624567de74ed139aff8186062a0496663d45b1d6f9b2ae68c_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:ec811d44ffc9fb926808773bdb33789411c07d46809c7318bdb9568575204fc7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fa617e29c09c782bc28c3a7d908be7809537e10fb46beb3fa74b391b90a86efb_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:1ddec93f26b66624a8ffc6d6af6141f71df2bd0661f3038d327c787d1b61edd1_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:4c0406ba6d9fca3d6d95b9c8f2b9a3c5d4a1c84727800fe0d45bc412d31dd28d_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:6485741ec168a35fae0467dd8e23a74f143cadfd5faa298749bdced24eb7ce3c_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:dbeff8644fe3cfe045e9658eae6d697fe2ddb979ccf06952fc955ebe1aa0aa3e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:494df23374cd1164ad802e252228112874083613f616a9beefa0737dd85d00f8_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:75e342825c86def4e8bd85f19377e2f79931acfa5420fe1bb7af64011560db3d_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:7ff67be12dd4c12b90788655f8269216d60d2008481e34e5213798d99b73f085_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:dcaf9ccda446a2b6ba0f31eea480c496011a3a2c5751dab7ecd4826c4fe1e897_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:293d0312079920e56e13c867dfc0f7d296c83db41af840eb01013d6a992afa24_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:909e4ffde6fe17c9449e8838805ec37e749a7a3bc1794e76df5a1214264f662f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d9a90877a5db128fb17576b608a7ee73271939458e2f499629ce5ea43f387964_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f5f7a3f069eb73b92aeaff8b8a6ad55459eb526928491abb0589b28017fbe705_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:1493fa1da9844aec3b3cb7506d40cc457aeef5204b5441cae47dbdb6a9ab249b_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:c4eb628e9e1b3ee30676098151cb7a4f9b05c25e464555899becf6361c04ab97_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ee3d28b620b03e7b2e2e8e87554942515d6022377a66aa0a2d986349dd062639_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54f746094413f0e99c70e1fe31fe867c058c851f63a4512368afc2c26a94795_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:8cbc36a64caf3e7de5b297976d7029ac88d01aa94da35f0d2601442d23bcdabe_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:48af23673bf8432a192fed8ab9cb9f4a633ef8f26293253c268bc46360bb835e_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:7a6a51ce23fb6e602c3ae8ceafa1c936fbedfbed49cca867c7e1577b444ec3b2_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:e361d6a863f360303a4fd5bf746dce961ac278a645ffb9c6ec87f9a58070f923_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:f2e57a021477b3884aa2ba88b3052ba8b14a50898659faaee1b31259b6461767_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:3b623354def976e6cc8ffcc6cdefb7573c4d43340733f00236c68870ff9fb1ba_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:851f91c9b8fb0fc5c73c1357d41f79f8b98d0e27b440259de6c951e77ca6227a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:96e662c9dd20c2f94edcd83660b3e99ab0e0134a641d25ab3a391581f52055af_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:f34b71eb747790497c24715708011a68c050e0149c7561aad6b07315fb6d43c8_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:806aaebf9ab2dc1fd654ccd6915490ab90bf1ad1bb5dd1c434e7af5d475b5ae0_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:969593b2998dd62e5a823d20632225e0251814077687578370603795c6861fc2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:e8e0d825d5c55f09547af8d267486a3c33cdfb5c4733b8f85eac817cf9bf93e5_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:f4bfb9910a0c3f6bd73769abea0f8b42e562560d94059a423b2498fb93a7b949_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:000cbef2e53822c62a07d9c46bcd368a3ad33b3a8a382be0ad5f6ef47fcd780e_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:a4beab96eeafe47c939aef8c17bff4f20bf98ef0c4e5583c7208d07bb27b0586_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:cc9253be2cdbceaf8ec120aabc9f4fdd603f3b9ec190c24fd05e95f2863b5ea9_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:f635cf3c647aeb72a6af00d97b4966dae041fe8d42722bded29c0de31181a7f0_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:6349e0dfa8a940002570e6a0d5d7b91cf9f1fc2186da823150be95c55e7eec64_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:5484c76cad28fa452c48f67d95295583dfbc6d34db22495eccfffec051893c49_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:a1aafbebeca86cf4b52600bca4c3014881c1ffca7587d2d382275a3d247d72e9_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:bcf26dae2241ded8335e3236944639643ce63027a24645d2de0d013589e79876_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ed41b5450aa91a1dbb519acd184f87f96e090be3d099e88dc27a005bdc9bab15_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:a846c915cb692856eb1907726dc06c35564da1e40bbec7e1fe05b3b64327b8d4_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:19a6691d7a3010253bf18a00a1b58896350354494375822744d08a09e0121416_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6433a808ccc5c4c1559c183a81671b7249c3bae1bbc0f55e982ee73dbe9700e3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:6934dffdc619dad6e81ae2032708d41e487b2709c14794819accdaa60aae582e_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:e18ecc9b852178129fdb2a2efb40f97f6814f6980681ac82eae2eef9a317a96f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:3be80c8c50ed785eba9d289656cc87477b5a3a1bdd71fd91d048c66687ce4646_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:6f6b013bef1ddc9ec0437c0c7727bb0f8ebf9caae8ba4cf0dd6628d6c7cd768f_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:8f107eed0efa34f6fa00003098457a58c1fd482286f590359a73c39ef225deb7_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:e902f46cbcf188bc6e50b2351cc20465a7a238e1521568261a50f8cd33108752_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:1c6c3634aae0f7a47fba4f1a06530e742a0042896291579642a605b53105c019_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:3b42c3d5afc01b5e025f4694454c34c4577e7902d2004620e1d97940b9fa13ab_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:c0fc4eb8c0283e8cc9b08a1fe1cc49bd498d28d1233affaaf02b338de1cee5e9_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:e2839a1a45aba4a367003abc7bc4e15531d6f278de1779f4c063ab6a002e960a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:1194cc3737cb2317e3f4b9760d2ac2aac1c804d4f5719a3513535acdddacc929_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:20eb0257f8ca0dce4e5d979a579b2d868c7b5313a661b2ab9dfb3c6f97bd0d69_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:492d612cc28ad4158d2fb071704ada6d667d939000ff4af20ab9ed3dc1c4a53d_ppc64le",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:ec95c7ff9c5a13a3cf11e89aff97d792f63cf89fb654f063aa662d134a335ee8_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:4dbb10ac48ebedcd08e4d93d7958876d7c489b3c0764a703979c4cc16b2faef5_arm64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:95cd644aef3ed635fab4a04e8dd9e63a79812e2671a706dcecfcfb462fa9f287_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:bdb22f54ed17a76cb18e86f0a66ce6a5d1e12996b1c730c188096a78587bc220_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:fa5bba068d4ebf7624ad20c72af47a984e460bdbfafa90c83b7b78a9113354e2_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c92d7b58be4a5dd715101723b187cf930e7b86ffa6e7a7b3119b7512c0f68639_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:eb058d7d6145d35624567de74ed139aff8186062a0496663d45b1d6f9b2ae68c_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:ec811d44ffc9fb926808773bdb33789411c07d46809c7318bdb9568575204fc7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fa617e29c09c782bc28c3a7d908be7809537e10fb46beb3fa74b391b90a86efb_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:1ddec93f26b66624a8ffc6d6af6141f71df2bd0661f3038d327c787d1b61edd1_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:4c0406ba6d9fca3d6d95b9c8f2b9a3c5d4a1c84727800fe0d45bc412d31dd28d_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:6485741ec168a35fae0467dd8e23a74f143cadfd5faa298749bdced24eb7ce3c_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:dbeff8644fe3cfe045e9658eae6d697fe2ddb979ccf06952fc955ebe1aa0aa3e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:494df23374cd1164ad802e252228112874083613f616a9beefa0737dd85d00f8_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:75e342825c86def4e8bd85f19377e2f79931acfa5420fe1bb7af64011560db3d_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:7ff67be12dd4c12b90788655f8269216d60d2008481e34e5213798d99b73f085_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:dcaf9ccda446a2b6ba0f31eea480c496011a3a2c5751dab7ecd4826c4fe1e897_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:293d0312079920e56e13c867dfc0f7d296c83db41af840eb01013d6a992afa24_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:909e4ffde6fe17c9449e8838805ec37e749a7a3bc1794e76df5a1214264f662f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:d9a90877a5db128fb17576b608a7ee73271939458e2f499629ce5ea43f387964_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:f5f7a3f069eb73b92aeaff8b8a6ad55459eb526928491abb0589b28017fbe705_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:1493fa1da9844aec3b3cb7506d40cc457aeef5204b5441cae47dbdb6a9ab249b_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:c4eb628e9e1b3ee30676098151cb7a4f9b05c25e464555899becf6361c04ab97_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ee3d28b620b03e7b2e2e8e87554942515d6022377a66aa0a2d986349dd062639_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:f54f746094413f0e99c70e1fe31fe867c058c851f63a4512368afc2c26a94795_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:8cbc36a64caf3e7de5b297976d7029ac88d01aa94da35f0d2601442d23bcdabe_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:48af23673bf8432a192fed8ab9cb9f4a633ef8f26293253c268bc46360bb835e_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:7a6a51ce23fb6e602c3ae8ceafa1c936fbedfbed49cca867c7e1577b444ec3b2_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:e361d6a863f360303a4fd5bf746dce961ac278a645ffb9c6ec87f9a58070f923_s390x",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:f2e57a021477b3884aa2ba88b3052ba8b14a50898659faaee1b31259b6461767_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:3b623354def976e6cc8ffcc6cdefb7573c4d43340733f00236c68870ff9fb1ba_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:851f91c9b8fb0fc5c73c1357d41f79f8b98d0e27b440259de6c951e77ca6227a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:96e662c9dd20c2f94edcd83660b3e99ab0e0134a641d25ab3a391581f52055af_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:f34b71eb747790497c24715708011a68c050e0149c7561aad6b07315fb6d43c8_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:806aaebf9ab2dc1fd654ccd6915490ab90bf1ad1bb5dd1c434e7af5d475b5ae0_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:969593b2998dd62e5a823d20632225e0251814077687578370603795c6861fc2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:e8e0d825d5c55f09547af8d267486a3c33cdfb5c4733b8f85eac817cf9bf93e5_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:f4bfb9910a0c3f6bd73769abea0f8b42e562560d94059a423b2498fb93a7b949_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:000cbef2e53822c62a07d9c46bcd368a3ad33b3a8a382be0ad5f6ef47fcd780e_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:a4beab96eeafe47c939aef8c17bff4f20bf98ef0c4e5583c7208d07bb27b0586_amd64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:cc9253be2cdbceaf8ec120aabc9f4fdd603f3b9ec190c24fd05e95f2863b5ea9_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:f635cf3c647aeb72a6af00d97b4966dae041fe8d42722bded29c0de31181a7f0_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
}
]
}
RHSA-2024:2932
Vulnerability from csaf_redhat - Published: 2024-05-23 07:08 - Updated: 2026-06-02 15:09Summary
Red Hat Security Advisory: logging for Red Hat OpenShift security update
Severity
Important
Notes
Topic: An update is now available for RHOL-5.8-RHEL-9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: TODO: add package description
Security Fix(es):
* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/cluster-logging-operator-bundle@sha256:c47be5a5806c99e8aff2ef30c723cb922a702645b898a58ab83a6d8d6e35e95e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:2303e515d38576bb4afb5dbed0edc076c64bea8edeb8c1cf6ff022798777babb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:4dda7d95ec0daf96b89d3c7b65d46bc1a338beb6567b5456934bfbb056f351ab_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:b83a2debfe95072729cc9db1917436d24b38c645ed58bba29c77f43363a3fbfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:e1da801f88284017b42bf0ab7bfa8d3246708a1d669c03e4f8e10b7e7b57328a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-operator-bundle@sha256:31b9f0c3c8b1fef81a18bab856d011a0eced7ca1fcd74d62ea77fab592006693_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:02f01a7b607b0e5bec904e2b3dee2d5a870d68ce68598af81b8ff254b23bf570_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:439fec7733007049760eec9ab0befb17847d982cffe4f8175c96cab5cd3a033b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:526cb245f74190516468b380b1dfe302c7a270c6f5e40708a696d54df640e041_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:7393fa8a34232062577f9b78b53630dec2d79a383805e9305ca36d2d34ea5de0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:705a960175390352ecbebdf1d329ea6a2d980f9c93a63d433ae93d0b04081db6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:de941d69b5e297abf6b832e2663ce657bad520073ad4f6302d17a8d6ebcb0588_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:f0ce5f22f7aa49797de754efa2b17c62c41558b00c558328691a21ff2c23c8cb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:f67f38331f9bd962564523c4c47834e3adf988bb2ba6557228a94faadc12bb12_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:1bd4cac1d2078737bbfc2e4ed1b520d47ab66c68d0d7dd92abc414b0d36ed020_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:2b88ad83be942f63d284d3e03b3c32142fedf46f5e7c3d3bbbb6f2451ae2daf5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:851b0302ecdbe432c100fb18b443b6db70fe2c1558f0ce2a62f824a9035ae646_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:c017dcb8062bcaeae7905c3a2bef4bf51b0822c91656093d0ae3a75c559716ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:01af9f73e47407759bfa083e0b75655ac02dcb5abbf42f1be40d21c9321a28cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:5c73ad6d58456f89b6393235b53d0674816e4eb628a5096b9d0072b60822c41b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:dbaadc1ba30b714a4e7720f427d0cd9f42864fa2f3ab45f3d8e8eb78b5562a2d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:dd2aeab25497d540046526ab7f8c6f7ee4e8e287047188221ac63c46563f8673_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:2a438b59400d0c8d2fd2801b090147a23c397782e2bb45b7f50a0bc621470dc1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:38081ff6228fe62ba00bfecf4d7b402d95d0c708eea8077bec37c792bb5dbfc7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:42d1eed6409836f5e73a119a46a179dec9e96d821d5d742dff35f08eb986807c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:c4529e2d14e53da00c703efb9f4d255121aa3c3cbe1a007fc81bead882667dd9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:059d8783be55371bd75e772750e8697910cf8be40792e838843c81dfaadce19e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:5fc34d4024f969fe3ec47a31336b90e8114e73fefa80d898b4ee826f1f4c7b65_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:d1dc69ba8b1a61c91bcc5cb3a8332c9e1065918c2b7f46ec6684e72b15d8a770_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:e726b9d7179c24e8b783406e583b286c8c97f2521dcf3e2ae9f0bfc32125c70b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:2e27c1dd9cfa13ba99f067cb223d1a29f16e751a68980fd6e9240175696871cd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:b523e61f663f504c1d0405cf93527d4c16f3c1251602d4ddac02008d36bd1fbc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:bf9affd56e58addf1e65623f16e6a8b322f76f2ca284bfe08ade508abbdc301a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:edb1bb40ff090f59ab734b84a0e45db949f320f151f9bbfc39529387c462f366_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:61c6df0a2e3f6215ec070bf810e70f77fb9c16934439b46856ddbac355d6c1b8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:9b9bf7640468f5a13b35cc25e57421f1630d38bb6f01b7843e293eae6a033270_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:aea5a63e59a96553d1559a618b5914cfd2cf57ade813110a668310e5a542697d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:e7dabe43201427722af9cbfcbbe43b5169208ce0ca4088d4b5f6036c11946b77_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:2806bedf9333e6bbe17338e4c4fb62ba98ce8e501a44d4339e5b010dd6555abd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:7cd78f6601cdfff63417365f2d9d1d485d54dfd05e7b9f01de0ec017f12bcbfa_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:9f8cfeca68bfdbaa8a23b2e288c7a01e6b3bd163699cac68c910297a0ed033a6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:e54e78aa4119ec6f15298379d8713232485cea58e4bd974671239a10391144b8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/loki-operator-bundle@sha256:3170281fa5d979d062239d24af0778f902408db026d99c41603df9e48ec1a8ce_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:00f1889804cea0f835e0ce00ee365094866303e1e07ef70a3989f7cab63065a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:25e497f6b2b94686fd01818c5342ecee68d9e6459774905970dbfb934717983d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:5e0f4bb4f490fbcc3e1498bf98967ef7ef0de273c3774ded8977eb774b624050_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:f016d7ac35adb908f25cf046f4b549faab8b8b47a40943112993f0827b5f2b6f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:0a9db85b98926dbfc6443ffe43296cdbfcf57baf6b886cb06846aff7a86a941d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:928daa89c1def159ddc84ddb9796efe1b1ed8054775a7cf7c344b766c88fbd5b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:a16eff217c55347425fac0236718c5ccbf729fd4782ab3a0796952bd99d05509_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:e94134307b0f854410f0c05ba14410588608910fca9ff6b526560072af0240d3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:026041021fcc7d6006dbbdf4a1e4987045582a003616bab782ff2bc740576357_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:6328bab5f26e96957ec4a67e503a37d1ec63f1da4f44c69f9d4f9daa98a193e7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:80a706484f9c997623f1a36da8e2fe731c139618d2b4c0d3159b89684c74bae0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:f08484885461528f112d80ecba1297131e4163611ebf3574ecda6601ede9b288_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:25329f71f3a1eb62f295787dca994f7a5cb4c3a9c0222216fc11dfc3716d721f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:98eecb61c29c4eedd104b2ff5a429a303967765c59b5d49d9f725956be39bc77_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:bdbd70f7308f48e4ba699cbf5e63389cca421ea77860f6a47de807e379e2974e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:c5b0a8964b8974b4db3592300c25d9b51b03f6dc430ecf2f3028d4f056dfc21b_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
15 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for RHOL-5.8-RHEL-9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "TODO: add package description\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2932",
"url": "https://access.redhat.com/errata/RHSA-2024:2932"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "LOG-4949",
"url": "https://issues.redhat.com/browse/LOG-4949"
},
{
"category": "external",
"summary": "LOG-5467",
"url": "https://issues.redhat.com/browse/LOG-5467"
},
{
"category": "external",
"summary": "LOG-5471",
"url": "https://issues.redhat.com/browse/LOG-5471"
},
{
"category": "external",
"summary": "LOG-5514",
"url": "https://issues.redhat.com/browse/LOG-5514"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2932.json"
}
],
"title": "Red Hat Security Advisory: logging for Red Hat OpenShift security update",
"tracking": {
"current_release_date": "2026-06-02T15:09:38+00:00",
"generator": {
"date": "2026-06-02T15:09:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:2932",
"initial_release_date": "2024-05-23T07:08:54+00:00",
"revision_history": [
{
"date": "2024-05-23T07:08:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-23T07:08:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:09:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.8 for RHEL 9",
"product": {
"name": "RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.8::el9"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:b83a2debfe95072729cc9db1917436d24b38c645ed58bba29c77f43363a3fbfb_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:b83a2debfe95072729cc9db1917436d24b38c645ed58bba29c77f43363a3fbfb_amd64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:b83a2debfe95072729cc9db1917436d24b38c645ed58bba29c77f43363a3fbfb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:b83a2debfe95072729cc9db1917436d24b38c645ed58bba29c77f43363a3fbfb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.8.7-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:c47be5a5806c99e8aff2ef30c723cb922a702645b898a58ab83a6d8d6e35e95e_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:c47be5a5806c99e8aff2ef30c723cb922a702645b898a58ab83a6d8d6e35e95e_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:c47be5a5806c99e8aff2ef30c723cb922a702645b898a58ab83a6d8d6e35e95e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:c47be5a5806c99e8aff2ef30c723cb922a702645b898a58ab83a6d8d6e35e95e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.8.7-14"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:de941d69b5e297abf6b832e2663ce657bad520073ad4f6302d17a8d6ebcb0588_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:de941d69b5e297abf6b832e2663ce657bad520073ad4f6302d17a8d6ebcb0588_amd64",
"product_id": "openshift-logging/elasticsearch-rhel9-operator@sha256:de941d69b5e297abf6b832e2663ce657bad520073ad4f6302d17a8d6ebcb0588_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel9-operator@sha256:de941d69b5e297abf6b832e2663ce657bad520073ad4f6302d17a8d6ebcb0588?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel9-operator\u0026tag=v5.8.7-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:31b9f0c3c8b1fef81a18bab856d011a0eced7ca1fcd74d62ea77fab592006693_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:31b9f0c3c8b1fef81a18bab856d011a0eced7ca1fcd74d62ea77fab592006693_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:31b9f0c3c8b1fef81a18bab856d011a0eced7ca1fcd74d62ea77fab592006693_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:31b9f0c3c8b1fef81a18bab856d011a0eced7ca1fcd74d62ea77fab592006693?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.8.7-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:439fec7733007049760eec9ab0befb17847d982cffe4f8175c96cab5cd3a033b_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:439fec7733007049760eec9ab0befb17847d982cffe4f8175c96cab5cd3a033b_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel9@sha256:439fec7733007049760eec9ab0befb17847d982cffe4f8175c96cab5cd3a033b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel9@sha256:439fec7733007049760eec9ab0befb17847d982cffe4f8175c96cab5cd3a033b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel9\u0026tag=v1.0.0-487"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d1dc69ba8b1a61c91bcc5cb3a8332c9e1065918c2b7f46ec6684e72b15d8a770_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d1dc69ba8b1a61c91bcc5cb3a8332c9e1065918c2b7f46ec6684e72b15d8a770_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d1dc69ba8b1a61c91bcc5cb3a8332c9e1065918c2b7f46ec6684e72b15d8a770_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:d1dc69ba8b1a61c91bcc5cb3a8332c9e1065918c2b7f46ec6684e72b15d8a770?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-233"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel9@sha256:b523e61f663f504c1d0405cf93527d4c16f3c1251602d4ddac02008d36bd1fbc_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:b523e61f663f504c1d0405cf93527d4c16f3c1251602d4ddac02008d36bd1fbc_amd64",
"product_id": "openshift-logging/logging-curator5-rhel9@sha256:b523e61f663f504c1d0405cf93527d4c16f3c1251602d4ddac02008d36bd1fbc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel9@sha256:b523e61f663f504c1d0405cf93527d4c16f3c1251602d4ddac02008d36bd1fbc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel9\u0026tag=v5.8.1-478"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel9@sha256:1bd4cac1d2078737bbfc2e4ed1b520d47ab66c68d0d7dd92abc414b0d36ed020_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:1bd4cac1d2078737bbfc2e4ed1b520d47ab66c68d0d7dd92abc414b0d36ed020_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel9@sha256:1bd4cac1d2078737bbfc2e4ed1b520d47ab66c68d0d7dd92abc414b0d36ed020_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel9@sha256:1bd4cac1d2078737bbfc2e4ed1b520d47ab66c68d0d7dd92abc414b0d36ed020?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel9\u0026tag=v6.8.1-412"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:01af9f73e47407759bfa083e0b75655ac02dcb5abbf42f1be40d21c9321a28cd_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:01af9f73e47407759bfa083e0b75655ac02dcb5abbf42f1be40d21c9321a28cd_amd64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:01af9f73e47407759bfa083e0b75655ac02dcb5abbf42f1be40d21c9321a28cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:01af9f73e47407759bfa083e0b75655ac02dcb5abbf42f1be40d21c9321a28cd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-253"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:2a438b59400d0c8d2fd2801b090147a23c397782e2bb45b7f50a0bc621470dc1_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:2a438b59400d0c8d2fd2801b090147a23c397782e2bb45b7f50a0bc621470dc1_amd64",
"product_id": "openshift-logging/fluentd-rhel9@sha256:2a438b59400d0c8d2fd2801b090147a23c397782e2bb45b7f50a0bc621470dc1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:2a438b59400d0c8d2fd2801b090147a23c397782e2bb45b7f50a0bc621470dc1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.8.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:e7dabe43201427722af9cbfcbbe43b5169208ce0ca4088d4b5f6036c11946b77_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:e7dabe43201427722af9cbfcbbe43b5169208ce0ca4088d4b5f6036c11946b77_amd64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:e7dabe43201427722af9cbfcbbe43b5169208ce0ca4088d4b5f6036c11946b77_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:e7dabe43201427722af9cbfcbbe43b5169208ce0ca4088d4b5f6036c11946b77?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v2.9.8-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:98eecb61c29c4eedd104b2ff5a429a303967765c59b5d49d9f725956be39bc77_amd64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:98eecb61c29c4eedd104b2ff5a429a303967765c59b5d49d9f725956be39bc77_amd64",
"product_id": "openshift-logging/vector-rhel9@sha256:98eecb61c29c4eedd104b2ff5a429a303967765c59b5d49d9f725956be39bc77_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:98eecb61c29c4eedd104b2ff5a429a303967765c59b5d49d9f725956be39bc77?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.28.1-59"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:e54e78aa4119ec6f15298379d8713232485cea58e4bd974671239a10391144b8_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:e54e78aa4119ec6f15298379d8713232485cea58e4bd974671239a10391144b8_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:e54e78aa4119ec6f15298379d8713232485cea58e4bd974671239a10391144b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:e54e78aa4119ec6f15298379d8713232485cea58e4bd974671239a10391144b8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.8.7-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:3170281fa5d979d062239d24af0778f902408db026d99c41603df9e48ec1a8ce_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:3170281fa5d979d062239d24af0778f902408db026d99c41603df9e48ec1a8ce_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:3170281fa5d979d062239d24af0778f902408db026d99c41603df9e48ec1a8ce_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:3170281fa5d979d062239d24af0778f902408db026d99c41603df9e48ec1a8ce?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.8.7-14"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:5e0f4bb4f490fbcc3e1498bf98967ef7ef0de273c3774ded8977eb774b624050_amd64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:5e0f4bb4f490fbcc3e1498bf98967ef7ef0de273c3774ded8977eb774b624050_amd64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:5e0f4bb4f490fbcc3e1498bf98967ef7ef0de273c3774ded8977eb774b624050_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:5e0f4bb4f490fbcc3e1498bf98967ef7ef0de273c3774ded8977eb774b624050?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.8.7-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:e94134307b0f854410f0c05ba14410588608910fca9ff6b526560072af0240d3_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:e94134307b0f854410f0c05ba14410588608910fca9ff6b526560072af0240d3_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:e94134307b0f854410f0c05ba14410588608910fca9ff6b526560072af0240d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:e94134307b0f854410f0c05ba14410588608910fca9ff6b526560072af0240d3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-548"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:6328bab5f26e96957ec4a67e503a37d1ec63f1da4f44c69f9d4f9daa98a193e7_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:6328bab5f26e96957ec4a67e503a37d1ec63f1da4f44c69f9d4f9daa98a193e7_amd64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:6328bab5f26e96957ec4a67e503a37d1ec63f1da4f44c69f9d4f9daa98a193e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:6328bab5f26e96957ec4a67e503a37d1ec63f1da4f44c69f9d4f9daa98a193e7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-236"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:2303e515d38576bb4afb5dbed0edc076c64bea8edeb8c1cf6ff022798777babb_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:2303e515d38576bb4afb5dbed0edc076c64bea8edeb8c1cf6ff022798777babb_s390x",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:2303e515d38576bb4afb5dbed0edc076c64bea8edeb8c1cf6ff022798777babb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:2303e515d38576bb4afb5dbed0edc076c64bea8edeb8c1cf6ff022798777babb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.8.7-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:f67f38331f9bd962564523c4c47834e3adf988bb2ba6557228a94faadc12bb12_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:f67f38331f9bd962564523c4c47834e3adf988bb2ba6557228a94faadc12bb12_s390x",
"product_id": "openshift-logging/elasticsearch-rhel9-operator@sha256:f67f38331f9bd962564523c4c47834e3adf988bb2ba6557228a94faadc12bb12_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel9-operator@sha256:f67f38331f9bd962564523c4c47834e3adf988bb2ba6557228a94faadc12bb12?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel9-operator\u0026tag=v5.8.7-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:7393fa8a34232062577f9b78b53630dec2d79a383805e9305ca36d2d34ea5de0_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:7393fa8a34232062577f9b78b53630dec2d79a383805e9305ca36d2d34ea5de0_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel9@sha256:7393fa8a34232062577f9b78b53630dec2d79a383805e9305ca36d2d34ea5de0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel9@sha256:7393fa8a34232062577f9b78b53630dec2d79a383805e9305ca36d2d34ea5de0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel9\u0026tag=v1.0.0-487"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e726b9d7179c24e8b783406e583b286c8c97f2521dcf3e2ae9f0bfc32125c70b_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e726b9d7179c24e8b783406e583b286c8c97f2521dcf3e2ae9f0bfc32125c70b_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e726b9d7179c24e8b783406e583b286c8c97f2521dcf3e2ae9f0bfc32125c70b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:e726b9d7179c24e8b783406e583b286c8c97f2521dcf3e2ae9f0bfc32125c70b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-233"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel9@sha256:bf9affd56e58addf1e65623f16e6a8b322f76f2ca284bfe08ade508abbdc301a_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:bf9affd56e58addf1e65623f16e6a8b322f76f2ca284bfe08ade508abbdc301a_s390x",
"product_id": "openshift-logging/logging-curator5-rhel9@sha256:bf9affd56e58addf1e65623f16e6a8b322f76f2ca284bfe08ade508abbdc301a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel9@sha256:bf9affd56e58addf1e65623f16e6a8b322f76f2ca284bfe08ade508abbdc301a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel9\u0026tag=v5.8.1-478"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel9@sha256:2b88ad83be942f63d284d3e03b3c32142fedf46f5e7c3d3bbbb6f2451ae2daf5_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:2b88ad83be942f63d284d3e03b3c32142fedf46f5e7c3d3bbbb6f2451ae2daf5_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel9@sha256:2b88ad83be942f63d284d3e03b3c32142fedf46f5e7c3d3bbbb6f2451ae2daf5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel9@sha256:2b88ad83be942f63d284d3e03b3c32142fedf46f5e7c3d3bbbb6f2451ae2daf5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel9\u0026tag=v6.8.1-412"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:5c73ad6d58456f89b6393235b53d0674816e4eb628a5096b9d0072b60822c41b_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:5c73ad6d58456f89b6393235b53d0674816e4eb628a5096b9d0072b60822c41b_s390x",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:5c73ad6d58456f89b6393235b53d0674816e4eb628a5096b9d0072b60822c41b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:5c73ad6d58456f89b6393235b53d0674816e4eb628a5096b9d0072b60822c41b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-253"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:38081ff6228fe62ba00bfecf4d7b402d95d0c708eea8077bec37c792bb5dbfc7_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:38081ff6228fe62ba00bfecf4d7b402d95d0c708eea8077bec37c792bb5dbfc7_s390x",
"product_id": "openshift-logging/fluentd-rhel9@sha256:38081ff6228fe62ba00bfecf4d7b402d95d0c708eea8077bec37c792bb5dbfc7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:38081ff6228fe62ba00bfecf4d7b402d95d0c708eea8077bec37c792bb5dbfc7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.8.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:aea5a63e59a96553d1559a618b5914cfd2cf57ade813110a668310e5a542697d_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:aea5a63e59a96553d1559a618b5914cfd2cf57ade813110a668310e5a542697d_s390x",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:aea5a63e59a96553d1559a618b5914cfd2cf57ade813110a668310e5a542697d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:aea5a63e59a96553d1559a618b5914cfd2cf57ade813110a668310e5a542697d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v2.9.8-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:c5b0a8964b8974b4db3592300c25d9b51b03f6dc430ecf2f3028d4f056dfc21b_s390x",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:c5b0a8964b8974b4db3592300c25d9b51b03f6dc430ecf2f3028d4f056dfc21b_s390x",
"product_id": "openshift-logging/vector-rhel9@sha256:c5b0a8964b8974b4db3592300c25d9b51b03f6dc430ecf2f3028d4f056dfc21b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:c5b0a8964b8974b4db3592300c25d9b51b03f6dc430ecf2f3028d4f056dfc21b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.28.1-59"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:9f8cfeca68bfdbaa8a23b2e288c7a01e6b3bd163699cac68c910297a0ed033a6_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:9f8cfeca68bfdbaa8a23b2e288c7a01e6b3bd163699cac68c910297a0ed033a6_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:9f8cfeca68bfdbaa8a23b2e288c7a01e6b3bd163699cac68c910297a0ed033a6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:9f8cfeca68bfdbaa8a23b2e288c7a01e6b3bd163699cac68c910297a0ed033a6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.8.7-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:f016d7ac35adb908f25cf046f4b549faab8b8b47a40943112993f0827b5f2b6f_s390x",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:f016d7ac35adb908f25cf046f4b549faab8b8b47a40943112993f0827b5f2b6f_s390x",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:f016d7ac35adb908f25cf046f4b549faab8b8b47a40943112993f0827b5f2b6f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:f016d7ac35adb908f25cf046f4b549faab8b8b47a40943112993f0827b5f2b6f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.8.7-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:0a9db85b98926dbfc6443ffe43296cdbfcf57baf6b886cb06846aff7a86a941d_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:0a9db85b98926dbfc6443ffe43296cdbfcf57baf6b886cb06846aff7a86a941d_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:0a9db85b98926dbfc6443ffe43296cdbfcf57baf6b886cb06846aff7a86a941d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:0a9db85b98926dbfc6443ffe43296cdbfcf57baf6b886cb06846aff7a86a941d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-548"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:026041021fcc7d6006dbbdf4a1e4987045582a003616bab782ff2bc740576357_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:026041021fcc7d6006dbbdf4a1e4987045582a003616bab782ff2bc740576357_s390x",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:026041021fcc7d6006dbbdf4a1e4987045582a003616bab782ff2bc740576357_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:026041021fcc7d6006dbbdf4a1e4987045582a003616bab782ff2bc740576357?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-236"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:4dda7d95ec0daf96b89d3c7b65d46bc1a338beb6567b5456934bfbb056f351ab_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:4dda7d95ec0daf96b89d3c7b65d46bc1a338beb6567b5456934bfbb056f351ab_arm64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:4dda7d95ec0daf96b89d3c7b65d46bc1a338beb6567b5456934bfbb056f351ab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:4dda7d95ec0daf96b89d3c7b65d46bc1a338beb6567b5456934bfbb056f351ab?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.8.7-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:f0ce5f22f7aa49797de754efa2b17c62c41558b00c558328691a21ff2c23c8cb_arm64",
"product": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:f0ce5f22f7aa49797de754efa2b17c62c41558b00c558328691a21ff2c23c8cb_arm64",
"product_id": "openshift-logging/elasticsearch-rhel9-operator@sha256:f0ce5f22f7aa49797de754efa2b17c62c41558b00c558328691a21ff2c23c8cb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel9-operator@sha256:f0ce5f22f7aa49797de754efa2b17c62c41558b00c558328691a21ff2c23c8cb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel9-operator\u0026tag=v5.8.7-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:02f01a7b607b0e5bec904e2b3dee2d5a870d68ce68598af81b8ff254b23bf570_arm64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:02f01a7b607b0e5bec904e2b3dee2d5a870d68ce68598af81b8ff254b23bf570_arm64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel9@sha256:02f01a7b607b0e5bec904e2b3dee2d5a870d68ce68598af81b8ff254b23bf570_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel9@sha256:02f01a7b607b0e5bec904e2b3dee2d5a870d68ce68598af81b8ff254b23bf570?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel9\u0026tag=v1.0.0-487"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:059d8783be55371bd75e772750e8697910cf8be40792e838843c81dfaadce19e_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:059d8783be55371bd75e772750e8697910cf8be40792e838843c81dfaadce19e_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:059d8783be55371bd75e772750e8697910cf8be40792e838843c81dfaadce19e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:059d8783be55371bd75e772750e8697910cf8be40792e838843c81dfaadce19e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-233"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel9@sha256:edb1bb40ff090f59ab734b84a0e45db949f320f151f9bbfc39529387c462f366_arm64",
"product": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:edb1bb40ff090f59ab734b84a0e45db949f320f151f9bbfc39529387c462f366_arm64",
"product_id": "openshift-logging/logging-curator5-rhel9@sha256:edb1bb40ff090f59ab734b84a0e45db949f320f151f9bbfc39529387c462f366_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel9@sha256:edb1bb40ff090f59ab734b84a0e45db949f320f151f9bbfc39529387c462f366?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel9\u0026tag=v5.8.1-478"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel9@sha256:c017dcb8062bcaeae7905c3a2bef4bf51b0822c91656093d0ae3a75c559716ea_arm64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:c017dcb8062bcaeae7905c3a2bef4bf51b0822c91656093d0ae3a75c559716ea_arm64",
"product_id": "openshift-logging/elasticsearch6-rhel9@sha256:c017dcb8062bcaeae7905c3a2bef4bf51b0822c91656093d0ae3a75c559716ea_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel9@sha256:c017dcb8062bcaeae7905c3a2bef4bf51b0822c91656093d0ae3a75c559716ea?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel9\u0026tag=v6.8.1-412"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:dbaadc1ba30b714a4e7720f427d0cd9f42864fa2f3ab45f3d8e8eb78b5562a2d_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:dbaadc1ba30b714a4e7720f427d0cd9f42864fa2f3ab45f3d8e8eb78b5562a2d_arm64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:dbaadc1ba30b714a4e7720f427d0cd9f42864fa2f3ab45f3d8e8eb78b5562a2d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:dbaadc1ba30b714a4e7720f427d0cd9f42864fa2f3ab45f3d8e8eb78b5562a2d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-253"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:c4529e2d14e53da00c703efb9f4d255121aa3c3cbe1a007fc81bead882667dd9_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:c4529e2d14e53da00c703efb9f4d255121aa3c3cbe1a007fc81bead882667dd9_arm64",
"product_id": "openshift-logging/fluentd-rhel9@sha256:c4529e2d14e53da00c703efb9f4d255121aa3c3cbe1a007fc81bead882667dd9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:c4529e2d14e53da00c703efb9f4d255121aa3c3cbe1a007fc81bead882667dd9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.8.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:9b9bf7640468f5a13b35cc25e57421f1630d38bb6f01b7843e293eae6a033270_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:9b9bf7640468f5a13b35cc25e57421f1630d38bb6f01b7843e293eae6a033270_arm64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:9b9bf7640468f5a13b35cc25e57421f1630d38bb6f01b7843e293eae6a033270_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:9b9bf7640468f5a13b35cc25e57421f1630d38bb6f01b7843e293eae6a033270?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v2.9.8-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:bdbd70f7308f48e4ba699cbf5e63389cca421ea77860f6a47de807e379e2974e_arm64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:bdbd70f7308f48e4ba699cbf5e63389cca421ea77860f6a47de807e379e2974e_arm64",
"product_id": "openshift-logging/vector-rhel9@sha256:bdbd70f7308f48e4ba699cbf5e63389cca421ea77860f6a47de807e379e2974e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:bdbd70f7308f48e4ba699cbf5e63389cca421ea77860f6a47de807e379e2974e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.28.1-59"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:7cd78f6601cdfff63417365f2d9d1d485d54dfd05e7b9f01de0ec017f12bcbfa_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:7cd78f6601cdfff63417365f2d9d1d485d54dfd05e7b9f01de0ec017f12bcbfa_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:7cd78f6601cdfff63417365f2d9d1d485d54dfd05e7b9f01de0ec017f12bcbfa_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:7cd78f6601cdfff63417365f2d9d1d485d54dfd05e7b9f01de0ec017f12bcbfa?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.8.7-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:25e497f6b2b94686fd01818c5342ecee68d9e6459774905970dbfb934717983d_arm64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:25e497f6b2b94686fd01818c5342ecee68d9e6459774905970dbfb934717983d_arm64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:25e497f6b2b94686fd01818c5342ecee68d9e6459774905970dbfb934717983d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:25e497f6b2b94686fd01818c5342ecee68d9e6459774905970dbfb934717983d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.8.7-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:a16eff217c55347425fac0236718c5ccbf729fd4782ab3a0796952bd99d05509_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:a16eff217c55347425fac0236718c5ccbf729fd4782ab3a0796952bd99d05509_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:a16eff217c55347425fac0236718c5ccbf729fd4782ab3a0796952bd99d05509_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:a16eff217c55347425fac0236718c5ccbf729fd4782ab3a0796952bd99d05509?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-548"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:80a706484f9c997623f1a36da8e2fe731c139618d2b4c0d3159b89684c74bae0_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:80a706484f9c997623f1a36da8e2fe731c139618d2b4c0d3159b89684c74bae0_arm64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:80a706484f9c997623f1a36da8e2fe731c139618d2b4c0d3159b89684c74bae0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:80a706484f9c997623f1a36da8e2fe731c139618d2b4c0d3159b89684c74bae0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-236"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:e1da801f88284017b42bf0ab7bfa8d3246708a1d669c03e4f8e10b7e7b57328a_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:e1da801f88284017b42bf0ab7bfa8d3246708a1d669c03e4f8e10b7e7b57328a_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:e1da801f88284017b42bf0ab7bfa8d3246708a1d669c03e4f8e10b7e7b57328a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:e1da801f88284017b42bf0ab7bfa8d3246708a1d669c03e4f8e10b7e7b57328a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.8.7-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:705a960175390352ecbebdf1d329ea6a2d980f9c93a63d433ae93d0b04081db6_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:705a960175390352ecbebdf1d329ea6a2d980f9c93a63d433ae93d0b04081db6_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel9-operator@sha256:705a960175390352ecbebdf1d329ea6a2d980f9c93a63d433ae93d0b04081db6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel9-operator@sha256:705a960175390352ecbebdf1d329ea6a2d980f9c93a63d433ae93d0b04081db6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel9-operator\u0026tag=v5.8.7-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:526cb245f74190516468b380b1dfe302c7a270c6f5e40708a696d54df640e041_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:526cb245f74190516468b380b1dfe302c7a270c6f5e40708a696d54df640e041_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel9@sha256:526cb245f74190516468b380b1dfe302c7a270c6f5e40708a696d54df640e041_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel9@sha256:526cb245f74190516468b380b1dfe302c7a270c6f5e40708a696d54df640e041?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel9\u0026tag=v1.0.0-487"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:5fc34d4024f969fe3ec47a31336b90e8114e73fefa80d898b4ee826f1f4c7b65_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:5fc34d4024f969fe3ec47a31336b90e8114e73fefa80d898b4ee826f1f4c7b65_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:5fc34d4024f969fe3ec47a31336b90e8114e73fefa80d898b4ee826f1f4c7b65_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:5fc34d4024f969fe3ec47a31336b90e8114e73fefa80d898b4ee826f1f4c7b65?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-233"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel9@sha256:2e27c1dd9cfa13ba99f067cb223d1a29f16e751a68980fd6e9240175696871cd_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:2e27c1dd9cfa13ba99f067cb223d1a29f16e751a68980fd6e9240175696871cd_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel9@sha256:2e27c1dd9cfa13ba99f067cb223d1a29f16e751a68980fd6e9240175696871cd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel9@sha256:2e27c1dd9cfa13ba99f067cb223d1a29f16e751a68980fd6e9240175696871cd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel9\u0026tag=v5.8.1-478"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel9@sha256:851b0302ecdbe432c100fb18b443b6db70fe2c1558f0ce2a62f824a9035ae646_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:851b0302ecdbe432c100fb18b443b6db70fe2c1558f0ce2a62f824a9035ae646_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel9@sha256:851b0302ecdbe432c100fb18b443b6db70fe2c1558f0ce2a62f824a9035ae646_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel9@sha256:851b0302ecdbe432c100fb18b443b6db70fe2c1558f0ce2a62f824a9035ae646?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel9\u0026tag=v6.8.1-412"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:dd2aeab25497d540046526ab7f8c6f7ee4e8e287047188221ac63c46563f8673_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:dd2aeab25497d540046526ab7f8c6f7ee4e8e287047188221ac63c46563f8673_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:dd2aeab25497d540046526ab7f8c6f7ee4e8e287047188221ac63c46563f8673_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:dd2aeab25497d540046526ab7f8c6f7ee4e8e287047188221ac63c46563f8673?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-253"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:42d1eed6409836f5e73a119a46a179dec9e96d821d5d742dff35f08eb986807c_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:42d1eed6409836f5e73a119a46a179dec9e96d821d5d742dff35f08eb986807c_ppc64le",
"product_id": "openshift-logging/fluentd-rhel9@sha256:42d1eed6409836f5e73a119a46a179dec9e96d821d5d742dff35f08eb986807c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:42d1eed6409836f5e73a119a46a179dec9e96d821d5d742dff35f08eb986807c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.8.7-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:61c6df0a2e3f6215ec070bf810e70f77fb9c16934439b46856ddbac355d6c1b8_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:61c6df0a2e3f6215ec070bf810e70f77fb9c16934439b46856ddbac355d6c1b8_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:61c6df0a2e3f6215ec070bf810e70f77fb9c16934439b46856ddbac355d6c1b8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:61c6df0a2e3f6215ec070bf810e70f77fb9c16934439b46856ddbac355d6c1b8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v2.9.8-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:25329f71f3a1eb62f295787dca994f7a5cb4c3a9c0222216fc11dfc3716d721f_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:25329f71f3a1eb62f295787dca994f7a5cb4c3a9c0222216fc11dfc3716d721f_ppc64le",
"product_id": "openshift-logging/vector-rhel9@sha256:25329f71f3a1eb62f295787dca994f7a5cb4c3a9c0222216fc11dfc3716d721f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:25329f71f3a1eb62f295787dca994f7a5cb4c3a9c0222216fc11dfc3716d721f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.28.1-59"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:2806bedf9333e6bbe17338e4c4fb62ba98ce8e501a44d4339e5b010dd6555abd_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:2806bedf9333e6bbe17338e4c4fb62ba98ce8e501a44d4339e5b010dd6555abd_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:2806bedf9333e6bbe17338e4c4fb62ba98ce8e501a44d4339e5b010dd6555abd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:2806bedf9333e6bbe17338e4c4fb62ba98ce8e501a44d4339e5b010dd6555abd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.8.7-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:00f1889804cea0f835e0ce00ee365094866303e1e07ef70a3989f7cab63065a2_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:00f1889804cea0f835e0ce00ee365094866303e1e07ef70a3989f7cab63065a2_ppc64le",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:00f1889804cea0f835e0ce00ee365094866303e1e07ef70a3989f7cab63065a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:00f1889804cea0f835e0ce00ee365094866303e1e07ef70a3989f7cab63065a2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.8.7-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:928daa89c1def159ddc84ddb9796efe1b1ed8054775a7cf7c344b766c88fbd5b_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:928daa89c1def159ddc84ddb9796efe1b1ed8054775a7cf7c344b766c88fbd5b_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:928daa89c1def159ddc84ddb9796efe1b1ed8054775a7cf7c344b766c88fbd5b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:928daa89c1def159ddc84ddb9796efe1b1ed8054775a7cf7c344b766c88fbd5b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-548"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:f08484885461528f112d80ecba1297131e4163611ebf3574ecda6601ede9b288_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:f08484885461528f112d80ecba1297131e4163611ebf3574ecda6601ede9b288_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:f08484885461528f112d80ecba1297131e4163611ebf3574ecda6601ede9b288_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:f08484885461528f112d80ecba1297131e4163611ebf3574ecda6601ede9b288?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-236"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:c47be5a5806c99e8aff2ef30c723cb922a702645b898a58ab83a6d8d6e35e95e_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/cluster-logging-operator-bundle@sha256:c47be5a5806c99e8aff2ef30c723cb922a702645b898a58ab83a6d8d6e35e95e_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:c47be5a5806c99e8aff2ef30c723cb922a702645b898a58ab83a6d8d6e35e95e_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:2303e515d38576bb4afb5dbed0edc076c64bea8edeb8c1cf6ff022798777babb_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:2303e515d38576bb4afb5dbed0edc076c64bea8edeb8c1cf6ff022798777babb_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:2303e515d38576bb4afb5dbed0edc076c64bea8edeb8c1cf6ff022798777babb_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:4dda7d95ec0daf96b89d3c7b65d46bc1a338beb6567b5456934bfbb056f351ab_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:4dda7d95ec0daf96b89d3c7b65d46bc1a338beb6567b5456934bfbb056f351ab_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:4dda7d95ec0daf96b89d3c7b65d46bc1a338beb6567b5456934bfbb056f351ab_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:b83a2debfe95072729cc9db1917436d24b38c645ed58bba29c77f43363a3fbfb_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:b83a2debfe95072729cc9db1917436d24b38c645ed58bba29c77f43363a3fbfb_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:b83a2debfe95072729cc9db1917436d24b38c645ed58bba29c77f43363a3fbfb_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:e1da801f88284017b42bf0ab7bfa8d3246708a1d669c03e4f8e10b7e7b57328a_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:e1da801f88284017b42bf0ab7bfa8d3246708a1d669c03e4f8e10b7e7b57328a_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:e1da801f88284017b42bf0ab7bfa8d3246708a1d669c03e4f8e10b7e7b57328a_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:31b9f0c3c8b1fef81a18bab856d011a0eced7ca1fcd74d62ea77fab592006693_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-operator-bundle@sha256:31b9f0c3c8b1fef81a18bab856d011a0eced7ca1fcd74d62ea77fab592006693_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:31b9f0c3c8b1fef81a18bab856d011a0eced7ca1fcd74d62ea77fab592006693_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:02f01a7b607b0e5bec904e2b3dee2d5a870d68ce68598af81b8ff254b23bf570_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:02f01a7b607b0e5bec904e2b3dee2d5a870d68ce68598af81b8ff254b23bf570_arm64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel9@sha256:02f01a7b607b0e5bec904e2b3dee2d5a870d68ce68598af81b8ff254b23bf570_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:439fec7733007049760eec9ab0befb17847d982cffe4f8175c96cab5cd3a033b_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:439fec7733007049760eec9ab0befb17847d982cffe4f8175c96cab5cd3a033b_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel9@sha256:439fec7733007049760eec9ab0befb17847d982cffe4f8175c96cab5cd3a033b_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:526cb245f74190516468b380b1dfe302c7a270c6f5e40708a696d54df640e041_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:526cb245f74190516468b380b1dfe302c7a270c6f5e40708a696d54df640e041_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel9@sha256:526cb245f74190516468b380b1dfe302c7a270c6f5e40708a696d54df640e041_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel9@sha256:7393fa8a34232062577f9b78b53630dec2d79a383805e9305ca36d2d34ea5de0_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:7393fa8a34232062577f9b78b53630dec2d79a383805e9305ca36d2d34ea5de0_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel9@sha256:7393fa8a34232062577f9b78b53630dec2d79a383805e9305ca36d2d34ea5de0_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:705a960175390352ecbebdf1d329ea6a2d980f9c93a63d433ae93d0b04081db6_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:705a960175390352ecbebdf1d329ea6a2d980f9c93a63d433ae93d0b04081db6_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel9-operator@sha256:705a960175390352ecbebdf1d329ea6a2d980f9c93a63d433ae93d0b04081db6_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:de941d69b5e297abf6b832e2663ce657bad520073ad4f6302d17a8d6ebcb0588_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:de941d69b5e297abf6b832e2663ce657bad520073ad4f6302d17a8d6ebcb0588_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel9-operator@sha256:de941d69b5e297abf6b832e2663ce657bad520073ad4f6302d17a8d6ebcb0588_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:f0ce5f22f7aa49797de754efa2b17c62c41558b00c558328691a21ff2c23c8cb_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:f0ce5f22f7aa49797de754efa2b17c62c41558b00c558328691a21ff2c23c8cb_arm64"
},
"product_reference": "openshift-logging/elasticsearch-rhel9-operator@sha256:f0ce5f22f7aa49797de754efa2b17c62c41558b00c558328691a21ff2c23c8cb_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel9-operator@sha256:f67f38331f9bd962564523c4c47834e3adf988bb2ba6557228a94faadc12bb12_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:f67f38331f9bd962564523c4c47834e3adf988bb2ba6557228a94faadc12bb12_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel9-operator@sha256:f67f38331f9bd962564523c4c47834e3adf988bb2ba6557228a94faadc12bb12_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:1bd4cac1d2078737bbfc2e4ed1b520d47ab66c68d0d7dd92abc414b0d36ed020_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:1bd4cac1d2078737bbfc2e4ed1b520d47ab66c68d0d7dd92abc414b0d36ed020_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel9@sha256:1bd4cac1d2078737bbfc2e4ed1b520d47ab66c68d0d7dd92abc414b0d36ed020_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:2b88ad83be942f63d284d3e03b3c32142fedf46f5e7c3d3bbbb6f2451ae2daf5_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:2b88ad83be942f63d284d3e03b3c32142fedf46f5e7c3d3bbbb6f2451ae2daf5_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel9@sha256:2b88ad83be942f63d284d3e03b3c32142fedf46f5e7c3d3bbbb6f2451ae2daf5_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:851b0302ecdbe432c100fb18b443b6db70fe2c1558f0ce2a62f824a9035ae646_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:851b0302ecdbe432c100fb18b443b6db70fe2c1558f0ce2a62f824a9035ae646_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel9@sha256:851b0302ecdbe432c100fb18b443b6db70fe2c1558f0ce2a62f824a9035ae646_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel9@sha256:c017dcb8062bcaeae7905c3a2bef4bf51b0822c91656093d0ae3a75c559716ea_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:c017dcb8062bcaeae7905c3a2bef4bf51b0822c91656093d0ae3a75c559716ea_arm64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel9@sha256:c017dcb8062bcaeae7905c3a2bef4bf51b0822c91656093d0ae3a75c559716ea_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:01af9f73e47407759bfa083e0b75655ac02dcb5abbf42f1be40d21c9321a28cd_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:01af9f73e47407759bfa083e0b75655ac02dcb5abbf42f1be40d21c9321a28cd_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:01af9f73e47407759bfa083e0b75655ac02dcb5abbf42f1be40d21c9321a28cd_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:5c73ad6d58456f89b6393235b53d0674816e4eb628a5096b9d0072b60822c41b_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:5c73ad6d58456f89b6393235b53d0674816e4eb628a5096b9d0072b60822c41b_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:5c73ad6d58456f89b6393235b53d0674816e4eb628a5096b9d0072b60822c41b_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:dbaadc1ba30b714a4e7720f427d0cd9f42864fa2f3ab45f3d8e8eb78b5562a2d_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:dbaadc1ba30b714a4e7720f427d0cd9f42864fa2f3ab45f3d8e8eb78b5562a2d_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:dbaadc1ba30b714a4e7720f427d0cd9f42864fa2f3ab45f3d8e8eb78b5562a2d_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:dd2aeab25497d540046526ab7f8c6f7ee4e8e287047188221ac63c46563f8673_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:dd2aeab25497d540046526ab7f8c6f7ee4e8e287047188221ac63c46563f8673_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:dd2aeab25497d540046526ab7f8c6f7ee4e8e287047188221ac63c46563f8673_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:2a438b59400d0c8d2fd2801b090147a23c397782e2bb45b7f50a0bc621470dc1_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:2a438b59400d0c8d2fd2801b090147a23c397782e2bb45b7f50a0bc621470dc1_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:2a438b59400d0c8d2fd2801b090147a23c397782e2bb45b7f50a0bc621470dc1_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:38081ff6228fe62ba00bfecf4d7b402d95d0c708eea8077bec37c792bb5dbfc7_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:38081ff6228fe62ba00bfecf4d7b402d95d0c708eea8077bec37c792bb5dbfc7_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:38081ff6228fe62ba00bfecf4d7b402d95d0c708eea8077bec37c792bb5dbfc7_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:42d1eed6409836f5e73a119a46a179dec9e96d821d5d742dff35f08eb986807c_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:42d1eed6409836f5e73a119a46a179dec9e96d821d5d742dff35f08eb986807c_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:42d1eed6409836f5e73a119a46a179dec9e96d821d5d742dff35f08eb986807c_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:c4529e2d14e53da00c703efb9f4d255121aa3c3cbe1a007fc81bead882667dd9_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:c4529e2d14e53da00c703efb9f4d255121aa3c3cbe1a007fc81bead882667dd9_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:c4529e2d14e53da00c703efb9f4d255121aa3c3cbe1a007fc81bead882667dd9_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:059d8783be55371bd75e772750e8697910cf8be40792e838843c81dfaadce19e_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:059d8783be55371bd75e772750e8697910cf8be40792e838843c81dfaadce19e_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:059d8783be55371bd75e772750e8697910cf8be40792e838843c81dfaadce19e_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:5fc34d4024f969fe3ec47a31336b90e8114e73fefa80d898b4ee826f1f4c7b65_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:5fc34d4024f969fe3ec47a31336b90e8114e73fefa80d898b4ee826f1f4c7b65_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:5fc34d4024f969fe3ec47a31336b90e8114e73fefa80d898b4ee826f1f4c7b65_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d1dc69ba8b1a61c91bcc5cb3a8332c9e1065918c2b7f46ec6684e72b15d8a770_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:d1dc69ba8b1a61c91bcc5cb3a8332c9e1065918c2b7f46ec6684e72b15d8a770_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d1dc69ba8b1a61c91bcc5cb3a8332c9e1065918c2b7f46ec6684e72b15d8a770_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e726b9d7179c24e8b783406e583b286c8c97f2521dcf3e2ae9f0bfc32125c70b_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:e726b9d7179c24e8b783406e583b286c8c97f2521dcf3e2ae9f0bfc32125c70b_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:e726b9d7179c24e8b783406e583b286c8c97f2521dcf3e2ae9f0bfc32125c70b_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:2e27c1dd9cfa13ba99f067cb223d1a29f16e751a68980fd6e9240175696871cd_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:2e27c1dd9cfa13ba99f067cb223d1a29f16e751a68980fd6e9240175696871cd_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel9@sha256:2e27c1dd9cfa13ba99f067cb223d1a29f16e751a68980fd6e9240175696871cd_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:b523e61f663f504c1d0405cf93527d4c16f3c1251602d4ddac02008d36bd1fbc_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:b523e61f663f504c1d0405cf93527d4c16f3c1251602d4ddac02008d36bd1fbc_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel9@sha256:b523e61f663f504c1d0405cf93527d4c16f3c1251602d4ddac02008d36bd1fbc_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:bf9affd56e58addf1e65623f16e6a8b322f76f2ca284bfe08ade508abbdc301a_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:bf9affd56e58addf1e65623f16e6a8b322f76f2ca284bfe08ade508abbdc301a_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel9@sha256:bf9affd56e58addf1e65623f16e6a8b322f76f2ca284bfe08ade508abbdc301a_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel9@sha256:edb1bb40ff090f59ab734b84a0e45db949f320f151f9bbfc39529387c462f366_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:edb1bb40ff090f59ab734b84a0e45db949f320f151f9bbfc39529387c462f366_arm64"
},
"product_reference": "openshift-logging/logging-curator5-rhel9@sha256:edb1bb40ff090f59ab734b84a0e45db949f320f151f9bbfc39529387c462f366_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:61c6df0a2e3f6215ec070bf810e70f77fb9c16934439b46856ddbac355d6c1b8_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:61c6df0a2e3f6215ec070bf810e70f77fb9c16934439b46856ddbac355d6c1b8_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:61c6df0a2e3f6215ec070bf810e70f77fb9c16934439b46856ddbac355d6c1b8_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:9b9bf7640468f5a13b35cc25e57421f1630d38bb6f01b7843e293eae6a033270_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:9b9bf7640468f5a13b35cc25e57421f1630d38bb6f01b7843e293eae6a033270_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:9b9bf7640468f5a13b35cc25e57421f1630d38bb6f01b7843e293eae6a033270_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:aea5a63e59a96553d1559a618b5914cfd2cf57ade813110a668310e5a542697d_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:aea5a63e59a96553d1559a618b5914cfd2cf57ade813110a668310e5a542697d_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:aea5a63e59a96553d1559a618b5914cfd2cf57ade813110a668310e5a542697d_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:e7dabe43201427722af9cbfcbbe43b5169208ce0ca4088d4b5f6036c11946b77_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:e7dabe43201427722af9cbfcbbe43b5169208ce0ca4088d4b5f6036c11946b77_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:e7dabe43201427722af9cbfcbbe43b5169208ce0ca4088d4b5f6036c11946b77_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:2806bedf9333e6bbe17338e4c4fb62ba98ce8e501a44d4339e5b010dd6555abd_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:2806bedf9333e6bbe17338e4c4fb62ba98ce8e501a44d4339e5b010dd6555abd_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:2806bedf9333e6bbe17338e4c4fb62ba98ce8e501a44d4339e5b010dd6555abd_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:7cd78f6601cdfff63417365f2d9d1d485d54dfd05e7b9f01de0ec017f12bcbfa_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:7cd78f6601cdfff63417365f2d9d1d485d54dfd05e7b9f01de0ec017f12bcbfa_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:7cd78f6601cdfff63417365f2d9d1d485d54dfd05e7b9f01de0ec017f12bcbfa_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:9f8cfeca68bfdbaa8a23b2e288c7a01e6b3bd163699cac68c910297a0ed033a6_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:9f8cfeca68bfdbaa8a23b2e288c7a01e6b3bd163699cac68c910297a0ed033a6_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:9f8cfeca68bfdbaa8a23b2e288c7a01e6b3bd163699cac68c910297a0ed033a6_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:e54e78aa4119ec6f15298379d8713232485cea58e4bd974671239a10391144b8_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:e54e78aa4119ec6f15298379d8713232485cea58e4bd974671239a10391144b8_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:e54e78aa4119ec6f15298379d8713232485cea58e4bd974671239a10391144b8_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:3170281fa5d979d062239d24af0778f902408db026d99c41603df9e48ec1a8ce_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/loki-operator-bundle@sha256:3170281fa5d979d062239d24af0778f902408db026d99c41603df9e48ec1a8ce_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:3170281fa5d979d062239d24af0778f902408db026d99c41603df9e48ec1a8ce_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:00f1889804cea0f835e0ce00ee365094866303e1e07ef70a3989f7cab63065a2_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:00f1889804cea0f835e0ce00ee365094866303e1e07ef70a3989f7cab63065a2_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:00f1889804cea0f835e0ce00ee365094866303e1e07ef70a3989f7cab63065a2_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:25e497f6b2b94686fd01818c5342ecee68d9e6459774905970dbfb934717983d_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:25e497f6b2b94686fd01818c5342ecee68d9e6459774905970dbfb934717983d_arm64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:25e497f6b2b94686fd01818c5342ecee68d9e6459774905970dbfb934717983d_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:5e0f4bb4f490fbcc3e1498bf98967ef7ef0de273c3774ded8977eb774b624050_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:5e0f4bb4f490fbcc3e1498bf98967ef7ef0de273c3774ded8977eb774b624050_amd64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:5e0f4bb4f490fbcc3e1498bf98967ef7ef0de273c3774ded8977eb774b624050_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:f016d7ac35adb908f25cf046f4b549faab8b8b47a40943112993f0827b5f2b6f_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:f016d7ac35adb908f25cf046f4b549faab8b8b47a40943112993f0827b5f2b6f_s390x"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:f016d7ac35adb908f25cf046f4b549faab8b8b47a40943112993f0827b5f2b6f_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:0a9db85b98926dbfc6443ffe43296cdbfcf57baf6b886cb06846aff7a86a941d_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:0a9db85b98926dbfc6443ffe43296cdbfcf57baf6b886cb06846aff7a86a941d_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:0a9db85b98926dbfc6443ffe43296cdbfcf57baf6b886cb06846aff7a86a941d_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:928daa89c1def159ddc84ddb9796efe1b1ed8054775a7cf7c344b766c88fbd5b_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:928daa89c1def159ddc84ddb9796efe1b1ed8054775a7cf7c344b766c88fbd5b_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:928daa89c1def159ddc84ddb9796efe1b1ed8054775a7cf7c344b766c88fbd5b_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:a16eff217c55347425fac0236718c5ccbf729fd4782ab3a0796952bd99d05509_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:a16eff217c55347425fac0236718c5ccbf729fd4782ab3a0796952bd99d05509_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:a16eff217c55347425fac0236718c5ccbf729fd4782ab3a0796952bd99d05509_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:e94134307b0f854410f0c05ba14410588608910fca9ff6b526560072af0240d3_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:e94134307b0f854410f0c05ba14410588608910fca9ff6b526560072af0240d3_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:e94134307b0f854410f0c05ba14410588608910fca9ff6b526560072af0240d3_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:026041021fcc7d6006dbbdf4a1e4987045582a003616bab782ff2bc740576357_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:026041021fcc7d6006dbbdf4a1e4987045582a003616bab782ff2bc740576357_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:026041021fcc7d6006dbbdf4a1e4987045582a003616bab782ff2bc740576357_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:6328bab5f26e96957ec4a67e503a37d1ec63f1da4f44c69f9d4f9daa98a193e7_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:6328bab5f26e96957ec4a67e503a37d1ec63f1da4f44c69f9d4f9daa98a193e7_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:6328bab5f26e96957ec4a67e503a37d1ec63f1da4f44c69f9d4f9daa98a193e7_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:80a706484f9c997623f1a36da8e2fe731c139618d2b4c0d3159b89684c74bae0_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:80a706484f9c997623f1a36da8e2fe731c139618d2b4c0d3159b89684c74bae0_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:80a706484f9c997623f1a36da8e2fe731c139618d2b4c0d3159b89684c74bae0_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:f08484885461528f112d80ecba1297131e4163611ebf3574ecda6601ede9b288_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:f08484885461528f112d80ecba1297131e4163611ebf3574ecda6601ede9b288_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:f08484885461528f112d80ecba1297131e4163611ebf3574ecda6601ede9b288_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:25329f71f3a1eb62f295787dca994f7a5cb4c3a9c0222216fc11dfc3716d721f_ppc64le as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:25329f71f3a1eb62f295787dca994f7a5cb4c3a9c0222216fc11dfc3716d721f_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:25329f71f3a1eb62f295787dca994f7a5cb4c3a9c0222216fc11dfc3716d721f_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:98eecb61c29c4eedd104b2ff5a429a303967765c59b5d49d9f725956be39bc77_amd64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:98eecb61c29c4eedd104b2ff5a429a303967765c59b5d49d9f725956be39bc77_amd64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:98eecb61c29c4eedd104b2ff5a429a303967765c59b5d49d9f725956be39bc77_amd64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:bdbd70f7308f48e4ba699cbf5e63389cca421ea77860f6a47de807e379e2974e_arm64 as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:bdbd70f7308f48e4ba699cbf5e63389cca421ea77860f6a47de807e379e2974e_arm64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:bdbd70f7308f48e4ba699cbf5e63389cca421ea77860f6a47de807e379e2974e_arm64",
"relates_to_product_reference": "9Base-RHOL-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:c5b0a8964b8974b4db3592300c25d9b51b03f6dc430ecf2f3028d4f056dfc21b_s390x as a component of RHOL 5.8 for RHEL 9",
"product_id": "9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:c5b0a8964b8974b4db3592300c25d9b51b03f6dc430ecf2f3028d4f056dfc21b_s390x"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:c5b0a8964b8974b4db3592300c25d9b51b03f6dc430ecf2f3028d4f056dfc21b_s390x",
"relates_to_product_reference": "9Base-RHOL-5.8"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOL-5.8:openshift-logging/cluster-logging-operator-bundle@sha256:c47be5a5806c99e8aff2ef30c723cb922a702645b898a58ab83a6d8d6e35e95e_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:2303e515d38576bb4afb5dbed0edc076c64bea8edeb8c1cf6ff022798777babb_s390x",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:4dda7d95ec0daf96b89d3c7b65d46bc1a338beb6567b5456934bfbb056f351ab_arm64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:b83a2debfe95072729cc9db1917436d24b38c645ed58bba29c77f43363a3fbfb_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:e1da801f88284017b42bf0ab7bfa8d3246708a1d669c03e4f8e10b7e7b57328a_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-operator-bundle@sha256:31b9f0c3c8b1fef81a18bab856d011a0eced7ca1fcd74d62ea77fab592006693_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:02f01a7b607b0e5bec904e2b3dee2d5a870d68ce68598af81b8ff254b23bf570_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:439fec7733007049760eec9ab0befb17847d982cffe4f8175c96cab5cd3a033b_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:526cb245f74190516468b380b1dfe302c7a270c6f5e40708a696d54df640e041_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:7393fa8a34232062577f9b78b53630dec2d79a383805e9305ca36d2d34ea5de0_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:705a960175390352ecbebdf1d329ea6a2d980f9c93a63d433ae93d0b04081db6_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:de941d69b5e297abf6b832e2663ce657bad520073ad4f6302d17a8d6ebcb0588_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:f0ce5f22f7aa49797de754efa2b17c62c41558b00c558328691a21ff2c23c8cb_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:f67f38331f9bd962564523c4c47834e3adf988bb2ba6557228a94faadc12bb12_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:1bd4cac1d2078737bbfc2e4ed1b520d47ab66c68d0d7dd92abc414b0d36ed020_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:2b88ad83be942f63d284d3e03b3c32142fedf46f5e7c3d3bbbb6f2451ae2daf5_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:851b0302ecdbe432c100fb18b443b6db70fe2c1558f0ce2a62f824a9035ae646_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:c017dcb8062bcaeae7905c3a2bef4bf51b0822c91656093d0ae3a75c559716ea_arm64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:01af9f73e47407759bfa083e0b75655ac02dcb5abbf42f1be40d21c9321a28cd_amd64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:5c73ad6d58456f89b6393235b53d0674816e4eb628a5096b9d0072b60822c41b_s390x",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:dbaadc1ba30b714a4e7720f427d0cd9f42864fa2f3ab45f3d8e8eb78b5562a2d_arm64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:dd2aeab25497d540046526ab7f8c6f7ee4e8e287047188221ac63c46563f8673_ppc64le",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:2a438b59400d0c8d2fd2801b090147a23c397782e2bb45b7f50a0bc621470dc1_amd64",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:38081ff6228fe62ba00bfecf4d7b402d95d0c708eea8077bec37c792bb5dbfc7_s390x",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:42d1eed6409836f5e73a119a46a179dec9e96d821d5d742dff35f08eb986807c_ppc64le",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:c4529e2d14e53da00c703efb9f4d255121aa3c3cbe1a007fc81bead882667dd9_arm64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:059d8783be55371bd75e772750e8697910cf8be40792e838843c81dfaadce19e_arm64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:5fc34d4024f969fe3ec47a31336b90e8114e73fefa80d898b4ee826f1f4c7b65_ppc64le",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:d1dc69ba8b1a61c91bcc5cb3a8332c9e1065918c2b7f46ec6684e72b15d8a770_amd64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:e726b9d7179c24e8b783406e583b286c8c97f2521dcf3e2ae9f0bfc32125c70b_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:2e27c1dd9cfa13ba99f067cb223d1a29f16e751a68980fd6e9240175696871cd_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:b523e61f663f504c1d0405cf93527d4c16f3c1251602d4ddac02008d36bd1fbc_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:bf9affd56e58addf1e65623f16e6a8b322f76f2ca284bfe08ade508abbdc301a_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:edb1bb40ff090f59ab734b84a0e45db949f320f151f9bbfc39529387c462f366_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:61c6df0a2e3f6215ec070bf810e70f77fb9c16934439b46856ddbac355d6c1b8_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:9b9bf7640468f5a13b35cc25e57421f1630d38bb6f01b7843e293eae6a033270_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:aea5a63e59a96553d1559a618b5914cfd2cf57ade813110a668310e5a542697d_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:e7dabe43201427722af9cbfcbbe43b5169208ce0ca4088d4b5f6036c11946b77_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:2806bedf9333e6bbe17338e4c4fb62ba98ce8e501a44d4339e5b010dd6555abd_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:7cd78f6601cdfff63417365f2d9d1d485d54dfd05e7b9f01de0ec017f12bcbfa_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:9f8cfeca68bfdbaa8a23b2e288c7a01e6b3bd163699cac68c910297a0ed033a6_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:e54e78aa4119ec6f15298379d8713232485cea58e4bd974671239a10391144b8_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-operator-bundle@sha256:3170281fa5d979d062239d24af0778f902408db026d99c41603df9e48ec1a8ce_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:00f1889804cea0f835e0ce00ee365094866303e1e07ef70a3989f7cab63065a2_ppc64le",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:25e497f6b2b94686fd01818c5342ecee68d9e6459774905970dbfb934717983d_arm64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:5e0f4bb4f490fbcc3e1498bf98967ef7ef0de273c3774ded8977eb774b624050_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:f016d7ac35adb908f25cf046f4b549faab8b8b47a40943112993f0827b5f2b6f_s390x",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:0a9db85b98926dbfc6443ffe43296cdbfcf57baf6b886cb06846aff7a86a941d_s390x",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:928daa89c1def159ddc84ddb9796efe1b1ed8054775a7cf7c344b766c88fbd5b_ppc64le",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:a16eff217c55347425fac0236718c5ccbf729fd4782ab3a0796952bd99d05509_arm64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:e94134307b0f854410f0c05ba14410588608910fca9ff6b526560072af0240d3_amd64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:026041021fcc7d6006dbbdf4a1e4987045582a003616bab782ff2bc740576357_s390x",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:6328bab5f26e96957ec4a67e503a37d1ec63f1da4f44c69f9d4f9daa98a193e7_amd64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:80a706484f9c997623f1a36da8e2fe731c139618d2b4c0d3159b89684c74bae0_arm64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:f08484885461528f112d80ecba1297131e4163611ebf3574ecda6601ede9b288_ppc64le",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:25329f71f3a1eb62f295787dca994f7a5cb4c3a9c0222216fc11dfc3716d721f_ppc64le",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:98eecb61c29c4eedd104b2ff5a429a303967765c59b5d49d9f725956be39bc77_amd64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:bdbd70f7308f48e4ba699cbf5e63389cca421ea77860f6a47de807e379e2974e_arm64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:c5b0a8964b8974b4db3592300c25d9b51b03f6dc430ecf2f3028d4f056dfc21b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-23T07:08:54+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html\n\nFor Red Hat OpenShift Logging 5.8, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.13/logging/cluster-logging-upgrading.html",
"product_ids": [
"9Base-RHOL-5.8:openshift-logging/cluster-logging-operator-bundle@sha256:c47be5a5806c99e8aff2ef30c723cb922a702645b898a58ab83a6d8d6e35e95e_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:2303e515d38576bb4afb5dbed0edc076c64bea8edeb8c1cf6ff022798777babb_s390x",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:4dda7d95ec0daf96b89d3c7b65d46bc1a338beb6567b5456934bfbb056f351ab_arm64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:b83a2debfe95072729cc9db1917436d24b38c645ed58bba29c77f43363a3fbfb_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:e1da801f88284017b42bf0ab7bfa8d3246708a1d669c03e4f8e10b7e7b57328a_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-operator-bundle@sha256:31b9f0c3c8b1fef81a18bab856d011a0eced7ca1fcd74d62ea77fab592006693_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:02f01a7b607b0e5bec904e2b3dee2d5a870d68ce68598af81b8ff254b23bf570_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:439fec7733007049760eec9ab0befb17847d982cffe4f8175c96cab5cd3a033b_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:526cb245f74190516468b380b1dfe302c7a270c6f5e40708a696d54df640e041_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:7393fa8a34232062577f9b78b53630dec2d79a383805e9305ca36d2d34ea5de0_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:705a960175390352ecbebdf1d329ea6a2d980f9c93a63d433ae93d0b04081db6_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:de941d69b5e297abf6b832e2663ce657bad520073ad4f6302d17a8d6ebcb0588_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:f0ce5f22f7aa49797de754efa2b17c62c41558b00c558328691a21ff2c23c8cb_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:f67f38331f9bd962564523c4c47834e3adf988bb2ba6557228a94faadc12bb12_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:1bd4cac1d2078737bbfc2e4ed1b520d47ab66c68d0d7dd92abc414b0d36ed020_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:2b88ad83be942f63d284d3e03b3c32142fedf46f5e7c3d3bbbb6f2451ae2daf5_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:851b0302ecdbe432c100fb18b443b6db70fe2c1558f0ce2a62f824a9035ae646_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:c017dcb8062bcaeae7905c3a2bef4bf51b0822c91656093d0ae3a75c559716ea_arm64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:01af9f73e47407759bfa083e0b75655ac02dcb5abbf42f1be40d21c9321a28cd_amd64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:5c73ad6d58456f89b6393235b53d0674816e4eb628a5096b9d0072b60822c41b_s390x",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:dbaadc1ba30b714a4e7720f427d0cd9f42864fa2f3ab45f3d8e8eb78b5562a2d_arm64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:dd2aeab25497d540046526ab7f8c6f7ee4e8e287047188221ac63c46563f8673_ppc64le",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:2a438b59400d0c8d2fd2801b090147a23c397782e2bb45b7f50a0bc621470dc1_amd64",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:38081ff6228fe62ba00bfecf4d7b402d95d0c708eea8077bec37c792bb5dbfc7_s390x",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:42d1eed6409836f5e73a119a46a179dec9e96d821d5d742dff35f08eb986807c_ppc64le",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:c4529e2d14e53da00c703efb9f4d255121aa3c3cbe1a007fc81bead882667dd9_arm64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:059d8783be55371bd75e772750e8697910cf8be40792e838843c81dfaadce19e_arm64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:5fc34d4024f969fe3ec47a31336b90e8114e73fefa80d898b4ee826f1f4c7b65_ppc64le",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:d1dc69ba8b1a61c91bcc5cb3a8332c9e1065918c2b7f46ec6684e72b15d8a770_amd64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:e726b9d7179c24e8b783406e583b286c8c97f2521dcf3e2ae9f0bfc32125c70b_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:2e27c1dd9cfa13ba99f067cb223d1a29f16e751a68980fd6e9240175696871cd_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:b523e61f663f504c1d0405cf93527d4c16f3c1251602d4ddac02008d36bd1fbc_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:bf9affd56e58addf1e65623f16e6a8b322f76f2ca284bfe08ade508abbdc301a_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:edb1bb40ff090f59ab734b84a0e45db949f320f151f9bbfc39529387c462f366_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:61c6df0a2e3f6215ec070bf810e70f77fb9c16934439b46856ddbac355d6c1b8_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:9b9bf7640468f5a13b35cc25e57421f1630d38bb6f01b7843e293eae6a033270_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:aea5a63e59a96553d1559a618b5914cfd2cf57ade813110a668310e5a542697d_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:e7dabe43201427722af9cbfcbbe43b5169208ce0ca4088d4b5f6036c11946b77_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:2806bedf9333e6bbe17338e4c4fb62ba98ce8e501a44d4339e5b010dd6555abd_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:7cd78f6601cdfff63417365f2d9d1d485d54dfd05e7b9f01de0ec017f12bcbfa_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:9f8cfeca68bfdbaa8a23b2e288c7a01e6b3bd163699cac68c910297a0ed033a6_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:e54e78aa4119ec6f15298379d8713232485cea58e4bd974671239a10391144b8_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-operator-bundle@sha256:3170281fa5d979d062239d24af0778f902408db026d99c41603df9e48ec1a8ce_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:00f1889804cea0f835e0ce00ee365094866303e1e07ef70a3989f7cab63065a2_ppc64le",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:25e497f6b2b94686fd01818c5342ecee68d9e6459774905970dbfb934717983d_arm64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:5e0f4bb4f490fbcc3e1498bf98967ef7ef0de273c3774ded8977eb774b624050_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:f016d7ac35adb908f25cf046f4b549faab8b8b47a40943112993f0827b5f2b6f_s390x",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:0a9db85b98926dbfc6443ffe43296cdbfcf57baf6b886cb06846aff7a86a941d_s390x",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:928daa89c1def159ddc84ddb9796efe1b1ed8054775a7cf7c344b766c88fbd5b_ppc64le",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:a16eff217c55347425fac0236718c5ccbf729fd4782ab3a0796952bd99d05509_arm64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:e94134307b0f854410f0c05ba14410588608910fca9ff6b526560072af0240d3_amd64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:026041021fcc7d6006dbbdf4a1e4987045582a003616bab782ff2bc740576357_s390x",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:6328bab5f26e96957ec4a67e503a37d1ec63f1da4f44c69f9d4f9daa98a193e7_amd64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:80a706484f9c997623f1a36da8e2fe731c139618d2b4c0d3159b89684c74bae0_arm64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:f08484885461528f112d80ecba1297131e4163611ebf3574ecda6601ede9b288_ppc64le",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:25329f71f3a1eb62f295787dca994f7a5cb4c3a9c0222216fc11dfc3716d721f_ppc64le",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:98eecb61c29c4eedd104b2ff5a429a303967765c59b5d49d9f725956be39bc77_amd64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:bdbd70f7308f48e4ba699cbf5e63389cca421ea77860f6a47de807e379e2974e_arm64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:c5b0a8964b8974b4db3592300c25d9b51b03f6dc430ecf2f3028d4f056dfc21b_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2932"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"9Base-RHOL-5.8:openshift-logging/cluster-logging-operator-bundle@sha256:c47be5a5806c99e8aff2ef30c723cb922a702645b898a58ab83a6d8d6e35e95e_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:2303e515d38576bb4afb5dbed0edc076c64bea8edeb8c1cf6ff022798777babb_s390x",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:4dda7d95ec0daf96b89d3c7b65d46bc1a338beb6567b5456934bfbb056f351ab_arm64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:b83a2debfe95072729cc9db1917436d24b38c645ed58bba29c77f43363a3fbfb_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:e1da801f88284017b42bf0ab7bfa8d3246708a1d669c03e4f8e10b7e7b57328a_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-operator-bundle@sha256:31b9f0c3c8b1fef81a18bab856d011a0eced7ca1fcd74d62ea77fab592006693_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:02f01a7b607b0e5bec904e2b3dee2d5a870d68ce68598af81b8ff254b23bf570_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:439fec7733007049760eec9ab0befb17847d982cffe4f8175c96cab5cd3a033b_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:526cb245f74190516468b380b1dfe302c7a270c6f5e40708a696d54df640e041_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:7393fa8a34232062577f9b78b53630dec2d79a383805e9305ca36d2d34ea5de0_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:705a960175390352ecbebdf1d329ea6a2d980f9c93a63d433ae93d0b04081db6_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:de941d69b5e297abf6b832e2663ce657bad520073ad4f6302d17a8d6ebcb0588_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:f0ce5f22f7aa49797de754efa2b17c62c41558b00c558328691a21ff2c23c8cb_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:f67f38331f9bd962564523c4c47834e3adf988bb2ba6557228a94faadc12bb12_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:1bd4cac1d2078737bbfc2e4ed1b520d47ab66c68d0d7dd92abc414b0d36ed020_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:2b88ad83be942f63d284d3e03b3c32142fedf46f5e7c3d3bbbb6f2451ae2daf5_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:851b0302ecdbe432c100fb18b443b6db70fe2c1558f0ce2a62f824a9035ae646_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:c017dcb8062bcaeae7905c3a2bef4bf51b0822c91656093d0ae3a75c559716ea_arm64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:01af9f73e47407759bfa083e0b75655ac02dcb5abbf42f1be40d21c9321a28cd_amd64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:5c73ad6d58456f89b6393235b53d0674816e4eb628a5096b9d0072b60822c41b_s390x",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:dbaadc1ba30b714a4e7720f427d0cd9f42864fa2f3ab45f3d8e8eb78b5562a2d_arm64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:dd2aeab25497d540046526ab7f8c6f7ee4e8e287047188221ac63c46563f8673_ppc64le",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:2a438b59400d0c8d2fd2801b090147a23c397782e2bb45b7f50a0bc621470dc1_amd64",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:38081ff6228fe62ba00bfecf4d7b402d95d0c708eea8077bec37c792bb5dbfc7_s390x",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:42d1eed6409836f5e73a119a46a179dec9e96d821d5d742dff35f08eb986807c_ppc64le",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:c4529e2d14e53da00c703efb9f4d255121aa3c3cbe1a007fc81bead882667dd9_arm64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:059d8783be55371bd75e772750e8697910cf8be40792e838843c81dfaadce19e_arm64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:5fc34d4024f969fe3ec47a31336b90e8114e73fefa80d898b4ee826f1f4c7b65_ppc64le",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:d1dc69ba8b1a61c91bcc5cb3a8332c9e1065918c2b7f46ec6684e72b15d8a770_amd64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:e726b9d7179c24e8b783406e583b286c8c97f2521dcf3e2ae9f0bfc32125c70b_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:2e27c1dd9cfa13ba99f067cb223d1a29f16e751a68980fd6e9240175696871cd_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:b523e61f663f504c1d0405cf93527d4c16f3c1251602d4ddac02008d36bd1fbc_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:bf9affd56e58addf1e65623f16e6a8b322f76f2ca284bfe08ade508abbdc301a_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:edb1bb40ff090f59ab734b84a0e45db949f320f151f9bbfc39529387c462f366_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:61c6df0a2e3f6215ec070bf810e70f77fb9c16934439b46856ddbac355d6c1b8_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:9b9bf7640468f5a13b35cc25e57421f1630d38bb6f01b7843e293eae6a033270_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:aea5a63e59a96553d1559a618b5914cfd2cf57ade813110a668310e5a542697d_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:e7dabe43201427722af9cbfcbbe43b5169208ce0ca4088d4b5f6036c11946b77_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:2806bedf9333e6bbe17338e4c4fb62ba98ce8e501a44d4339e5b010dd6555abd_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:7cd78f6601cdfff63417365f2d9d1d485d54dfd05e7b9f01de0ec017f12bcbfa_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:9f8cfeca68bfdbaa8a23b2e288c7a01e6b3bd163699cac68c910297a0ed033a6_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:e54e78aa4119ec6f15298379d8713232485cea58e4bd974671239a10391144b8_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-operator-bundle@sha256:3170281fa5d979d062239d24af0778f902408db026d99c41603df9e48ec1a8ce_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:00f1889804cea0f835e0ce00ee365094866303e1e07ef70a3989f7cab63065a2_ppc64le",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:25e497f6b2b94686fd01818c5342ecee68d9e6459774905970dbfb934717983d_arm64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:5e0f4bb4f490fbcc3e1498bf98967ef7ef0de273c3774ded8977eb774b624050_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:f016d7ac35adb908f25cf046f4b549faab8b8b47a40943112993f0827b5f2b6f_s390x",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:0a9db85b98926dbfc6443ffe43296cdbfcf57baf6b886cb06846aff7a86a941d_s390x",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:928daa89c1def159ddc84ddb9796efe1b1ed8054775a7cf7c344b766c88fbd5b_ppc64le",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:a16eff217c55347425fac0236718c5ccbf729fd4782ab3a0796952bd99d05509_arm64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:e94134307b0f854410f0c05ba14410588608910fca9ff6b526560072af0240d3_amd64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:026041021fcc7d6006dbbdf4a1e4987045582a003616bab782ff2bc740576357_s390x",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:6328bab5f26e96957ec4a67e503a37d1ec63f1da4f44c69f9d4f9daa98a193e7_amd64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:80a706484f9c997623f1a36da8e2fe731c139618d2b4c0d3159b89684c74bae0_arm64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:f08484885461528f112d80ecba1297131e4163611ebf3574ecda6601ede9b288_ppc64le",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:25329f71f3a1eb62f295787dca994f7a5cb4c3a9c0222216fc11dfc3716d721f_ppc64le",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:98eecb61c29c4eedd104b2ff5a429a303967765c59b5d49d9f725956be39bc77_amd64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:bdbd70f7308f48e4ba699cbf5e63389cca421ea77860f6a47de807e379e2974e_arm64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:c5b0a8964b8974b4db3592300c25d9b51b03f6dc430ecf2f3028d4f056dfc21b_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOL-5.8:openshift-logging/cluster-logging-operator-bundle@sha256:c47be5a5806c99e8aff2ef30c723cb922a702645b898a58ab83a6d8d6e35e95e_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:2303e515d38576bb4afb5dbed0edc076c64bea8edeb8c1cf6ff022798777babb_s390x",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:4dda7d95ec0daf96b89d3c7b65d46bc1a338beb6567b5456934bfbb056f351ab_arm64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:b83a2debfe95072729cc9db1917436d24b38c645ed58bba29c77f43363a3fbfb_amd64",
"9Base-RHOL-5.8:openshift-logging/cluster-logging-rhel9-operator@sha256:e1da801f88284017b42bf0ab7bfa8d3246708a1d669c03e4f8e10b7e7b57328a_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-operator-bundle@sha256:31b9f0c3c8b1fef81a18bab856d011a0eced7ca1fcd74d62ea77fab592006693_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:02f01a7b607b0e5bec904e2b3dee2d5a870d68ce68598af81b8ff254b23bf570_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:439fec7733007049760eec9ab0befb17847d982cffe4f8175c96cab5cd3a033b_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:526cb245f74190516468b380b1dfe302c7a270c6f5e40708a696d54df640e041_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-proxy-rhel9@sha256:7393fa8a34232062577f9b78b53630dec2d79a383805e9305ca36d2d34ea5de0_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:705a960175390352ecbebdf1d329ea6a2d980f9c93a63d433ae93d0b04081db6_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:de941d69b5e297abf6b832e2663ce657bad520073ad4f6302d17a8d6ebcb0588_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:f0ce5f22f7aa49797de754efa2b17c62c41558b00c558328691a21ff2c23c8cb_arm64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch-rhel9-operator@sha256:f67f38331f9bd962564523c4c47834e3adf988bb2ba6557228a94faadc12bb12_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:1bd4cac1d2078737bbfc2e4ed1b520d47ab66c68d0d7dd92abc414b0d36ed020_amd64",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:2b88ad83be942f63d284d3e03b3c32142fedf46f5e7c3d3bbbb6f2451ae2daf5_s390x",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:851b0302ecdbe432c100fb18b443b6db70fe2c1558f0ce2a62f824a9035ae646_ppc64le",
"9Base-RHOL-5.8:openshift-logging/elasticsearch6-rhel9@sha256:c017dcb8062bcaeae7905c3a2bef4bf51b0822c91656093d0ae3a75c559716ea_arm64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:01af9f73e47407759bfa083e0b75655ac02dcb5abbf42f1be40d21c9321a28cd_amd64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:5c73ad6d58456f89b6393235b53d0674816e4eb628a5096b9d0072b60822c41b_s390x",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:dbaadc1ba30b714a4e7720f427d0cd9f42864fa2f3ab45f3d8e8eb78b5562a2d_arm64",
"9Base-RHOL-5.8:openshift-logging/eventrouter-rhel9@sha256:dd2aeab25497d540046526ab7f8c6f7ee4e8e287047188221ac63c46563f8673_ppc64le",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:2a438b59400d0c8d2fd2801b090147a23c397782e2bb45b7f50a0bc621470dc1_amd64",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:38081ff6228fe62ba00bfecf4d7b402d95d0c708eea8077bec37c792bb5dbfc7_s390x",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:42d1eed6409836f5e73a119a46a179dec9e96d821d5d742dff35f08eb986807c_ppc64le",
"9Base-RHOL-5.8:openshift-logging/fluentd-rhel9@sha256:c4529e2d14e53da00c703efb9f4d255121aa3c3cbe1a007fc81bead882667dd9_arm64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:059d8783be55371bd75e772750e8697910cf8be40792e838843c81dfaadce19e_arm64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:5fc34d4024f969fe3ec47a31336b90e8114e73fefa80d898b4ee826f1f4c7b65_ppc64le",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:d1dc69ba8b1a61c91bcc5cb3a8332c9e1065918c2b7f46ec6684e72b15d8a770_amd64",
"9Base-RHOL-5.8:openshift-logging/log-file-metric-exporter-rhel9@sha256:e726b9d7179c24e8b783406e583b286c8c97f2521dcf3e2ae9f0bfc32125c70b_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:2e27c1dd9cfa13ba99f067cb223d1a29f16e751a68980fd6e9240175696871cd_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:b523e61f663f504c1d0405cf93527d4c16f3c1251602d4ddac02008d36bd1fbc_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:bf9affd56e58addf1e65623f16e6a8b322f76f2ca284bfe08ade508abbdc301a_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-curator5-rhel9@sha256:edb1bb40ff090f59ab734b84a0e45db949f320f151f9bbfc39529387c462f366_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:61c6df0a2e3f6215ec070bf810e70f77fb9c16934439b46856ddbac355d6c1b8_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:9b9bf7640468f5a13b35cc25e57421f1630d38bb6f01b7843e293eae6a033270_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:aea5a63e59a96553d1559a618b5914cfd2cf57ade813110a668310e5a542697d_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-loki-rhel9@sha256:e7dabe43201427722af9cbfcbbe43b5169208ce0ca4088d4b5f6036c11946b77_amd64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:2806bedf9333e6bbe17338e4c4fb62ba98ce8e501a44d4339e5b010dd6555abd_ppc64le",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:7cd78f6601cdfff63417365f2d9d1d485d54dfd05e7b9f01de0ec017f12bcbfa_arm64",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:9f8cfeca68bfdbaa8a23b2e288c7a01e6b3bd163699cac68c910297a0ed033a6_s390x",
"9Base-RHOL-5.8:openshift-logging/logging-view-plugin-rhel9@sha256:e54e78aa4119ec6f15298379d8713232485cea58e4bd974671239a10391144b8_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-operator-bundle@sha256:3170281fa5d979d062239d24af0778f902408db026d99c41603df9e48ec1a8ce_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:00f1889804cea0f835e0ce00ee365094866303e1e07ef70a3989f7cab63065a2_ppc64le",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:25e497f6b2b94686fd01818c5342ecee68d9e6459774905970dbfb934717983d_arm64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:5e0f4bb4f490fbcc3e1498bf98967ef7ef0de273c3774ded8977eb774b624050_amd64",
"9Base-RHOL-5.8:openshift-logging/loki-rhel9-operator@sha256:f016d7ac35adb908f25cf046f4b549faab8b8b47a40943112993f0827b5f2b6f_s390x",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:0a9db85b98926dbfc6443ffe43296cdbfcf57baf6b886cb06846aff7a86a941d_s390x",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:928daa89c1def159ddc84ddb9796efe1b1ed8054775a7cf7c344b766c88fbd5b_ppc64le",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:a16eff217c55347425fac0236718c5ccbf729fd4782ab3a0796952bd99d05509_arm64",
"9Base-RHOL-5.8:openshift-logging/lokistack-gateway-rhel9@sha256:e94134307b0f854410f0c05ba14410588608910fca9ff6b526560072af0240d3_amd64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:026041021fcc7d6006dbbdf4a1e4987045582a003616bab782ff2bc740576357_s390x",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:6328bab5f26e96957ec4a67e503a37d1ec63f1da4f44c69f9d4f9daa98a193e7_amd64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:80a706484f9c997623f1a36da8e2fe731c139618d2b4c0d3159b89684c74bae0_arm64",
"9Base-RHOL-5.8:openshift-logging/opa-openshift-rhel9@sha256:f08484885461528f112d80ecba1297131e4163611ebf3574ecda6601ede9b288_ppc64le",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:25329f71f3a1eb62f295787dca994f7a5cb4c3a9c0222216fc11dfc3716d721f_ppc64le",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:98eecb61c29c4eedd104b2ff5a429a303967765c59b5d49d9f725956be39bc77_amd64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:bdbd70f7308f48e4ba699cbf5e63389cca421ea77860f6a47de807e379e2974e_arm64",
"9Base-RHOL-5.8:openshift-logging/vector-rhel9@sha256:c5b0a8964b8974b4db3592300c25d9b51b03f6dc430ecf2f3028d4f056dfc21b_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
}
]
}
RHSA-2024:2933
Vulnerability from csaf_redhat - Published: 2024-05-23 06:20 - Updated: 2026-06-02 15:09Summary
Red Hat Security Advisory: logging for Red Hat OpenShift security update
Severity
Important
Notes
Topic: An update is now available for RHOL-5.9-RHEL-9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: An update is now available for RHOL-5.9-RHEL-9.
Security Fix(es):
* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:a75b8dc9936e65b2ffbcca73a47456b38e6a2dc406f39577c6646ce8d33c5238_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:16ab3024f9162cdb35e94994ddf180c6dc3ddf00a7a8dbeef439f4bd913586d7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:387887a51d53040ab5740e4879802f1d22d517832a6ced9d23c816b8b99628dc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:988d3b3d190f02843552bc389d25c5909b62547c2ebd2ca0b6f2cb82470dbd23_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:b681e152d1534c53b3c0eec088060dc2af74d5be33136ae7c2e19cad3d88d829_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:3b1c2089a6e83b1ae4ba64c42e882439054118f356fdd64ec916176a997ac854_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:9ce41fbe39e9483f854bcbffee9799f219aea90796062b2bd11be3440a9de525_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a57906b3fefd8eb0fa0603cb8755278978f34d925720b8ac30098604cf0a4179_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:efb30e1aab21a9d2b68317c46e9c257c1342a0336296d9cf2702eef2300501d2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:0c49b5b637eb960dfefbd22855f2a29690564d93b8afe52f0a437a85be919a61_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:47bff7b6c79af4793cd04cbec1f0a28ec2eef0d0f11dfe86aea87fafc369be64_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e0d349969484482a2e02e5bd65b0a2a14379118935cfab29d9b875aa1fc3b28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:aaf2dd9162077621883a3b52bd87fe3a6a86275f3fc45dafe494ab1f97b62f5a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:879b38f0cf7fa776f298a4cee08e35f92f35f792c42fbfd2f7a03f3f50bfbef1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:d318895fe58db2b899d76975a18bd3858d4e76a6a5de5d2917ccdf3290734d9c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:d80ef1784f96465d305c50888176db38b2566e9991769b25445d485d47ada5b4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:de02ae0bf1936e581f2c094188885a6678487e291874f601a403b57a06cddb2f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d40fa988963f381718d124e59387dad32d1d958e52f63a28ac48409bdfd1eec_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:249cf561231b5a793354263fd859382229a2c700639367ba8e12979385431349_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:d7a273e837f49536edc95f79fff0cefad5419717518390433200e7cbbe299194_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:dbfa3914b34fd20a494da31e1920e926417627656f9b2761832ddbdcdd3e780e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:04e3d5de1f21d91e7234a0d2af6e096d02b845dfc1826cdeebc642eeda67049c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:713be73184bd943c98edd0761eae838c73ef3e2ad3c54d5236c70fe4ed62e073_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:b1be984196fa8641d129c0a70e46651448b58516220a488efcb51f8639357f7a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:ec1c839b591a2c7b044abf21486dfc998b4434ff2c23a93cbf393b714f6dbc95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:68dd8394cf3f44d9827cb7b8976044e23d92349262334c8def4b2d15cde7a8e3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:06b890fc00bc1cd8cd0fb3264a0588ebc3bf8c581b1923aaa7fc56161a931b50_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:095068a422f174e35e3dfa16dc424c13e6dba5c59d2469a18fc08a1cf450e9e4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:1ffc4bdc3b1ed8296208d63545e7a97a657c0124f7c27c616f2b56424f392025_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:4974a3ced8c308d257e52162ff0c40f562650965d27df34cb6110fb6ccee7733_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:3c99722d349e2b6d640e8bf3d27c8af1705376db5a581b55abcad82487263f05_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8d7bd7a959c3d645fad27dafa83aa3267891f6c92c359be2d3e679b516b37491_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:a352d682e5e375e9c4d290611353a07984f976d694cc67918883e17674ac8b8c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:ab621b9f3ac6390e0457a7bb362be27dd071092ba247d34e341a827d392ec547_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:1d78020e8f3a383caee4e1ef7b94eabf064a79b6bf6eee75630c370d692a4f02_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:4d9d91f06898e4fe73873c29ab7caf6f5a27647d88b323eda65d64ddeba89d7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:5d72c559dc381d3fc815f54b5491be0a72e193e31bf800e337e19ba5d6a98746_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:db0266ed24e85f1e869f5c6c74cd968135f218eb26de51047541fac13794b7a5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:1ec24450d98b058769d0d7846d965b3142be24a9b5cc0493f4d6be229a97e2d8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:44147d843590342c9e7642834161a81f887d7388f689b2cf3e4f5167cf7b0cd0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:7a55232ce85ddad2b40040eb105df730d812e421ac03a6377544e576e90ad006_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:f11cd33e6565579f4391276a875dc736e94c9da18a5ed4685d9017d48dc083e0_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
17 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for RHOL-5.9-RHEL-9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for RHOL-5.9-RHEL-9.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2933",
"url": "https://access.redhat.com/errata/RHSA-2024:2933"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "LOG-4910",
"url": "https://issues.redhat.com/browse/LOG-4910"
},
{
"category": "external",
"summary": "LOG-5156",
"url": "https://issues.redhat.com/browse/LOG-5156"
},
{
"category": "external",
"summary": "LOG-5308",
"url": "https://issues.redhat.com/browse/LOG-5308"
},
{
"category": "external",
"summary": "LOG-5426",
"url": "https://issues.redhat.com/browse/LOG-5426"
},
{
"category": "external",
"summary": "LOG-5466",
"url": "https://issues.redhat.com/browse/LOG-5466"
},
{
"category": "external",
"summary": "LOG-5504",
"url": "https://issues.redhat.com/browse/LOG-5504"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2933.json"
}
],
"title": "Red Hat Security Advisory: logging for Red Hat OpenShift security update",
"tracking": {
"current_release_date": "2026-06-02T15:09:43+00:00",
"generator": {
"date": "2026-06-02T15:09:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:2933",
"initial_release_date": "2024-05-23T06:20:48+00:00",
"revision_history": [
{
"date": "2024-05-23T06:20:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-23T06:20:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:09:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.9 for RHEL 9",
"product": {
"name": "RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.9::el9"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:16ab3024f9162cdb35e94994ddf180c6dc3ddf00a7a8dbeef439f4bd913586d7_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:16ab3024f9162cdb35e94994ddf180c6dc3ddf00a7a8dbeef439f4bd913586d7_amd64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:16ab3024f9162cdb35e94994ddf180c6dc3ddf00a7a8dbeef439f4bd913586d7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:16ab3024f9162cdb35e94994ddf180c6dc3ddf00a7a8dbeef439f4bd913586d7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.9.2-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:a75b8dc9936e65b2ffbcca73a47456b38e6a2dc406f39577c6646ce8d33c5238_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:a75b8dc9936e65b2ffbcca73a47456b38e6a2dc406f39577c6646ce8d33c5238_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:a75b8dc9936e65b2ffbcca73a47456b38e6a2dc406f39577c6646ce8d33c5238_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:a75b8dc9936e65b2ffbcca73a47456b38e6a2dc406f39577c6646ce8d33c5238?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.9.2-17"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d318895fe58db2b899d76975a18bd3858d4e76a6a5de5d2917ccdf3290734d9c_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d318895fe58db2b899d76975a18bd3858d4e76a6a5de5d2917ccdf3290734d9c_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d318895fe58db2b899d76975a18bd3858d4e76a6a5de5d2917ccdf3290734d9c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:d318895fe58db2b899d76975a18bd3858d4e76a6a5de5d2917ccdf3290734d9c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-232"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:a57906b3fefd8eb0fa0603cb8755278978f34d925720b8ac30098604cf0a4179_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:a57906b3fefd8eb0fa0603cb8755278978f34d925720b8ac30098604cf0a4179_amd64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:a57906b3fefd8eb0fa0603cb8755278978f34d925720b8ac30098604cf0a4179_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:a57906b3fefd8eb0fa0603cb8755278978f34d925720b8ac30098604cf0a4179?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-252"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:47bff7b6c79af4793cd04cbec1f0a28ec2eef0d0f11dfe86aea87fafc369be64_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:47bff7b6c79af4793cd04cbec1f0a28ec2eef0d0f11dfe86aea87fafc369be64_amd64",
"product_id": "openshift-logging/fluentd-rhel9@sha256:47bff7b6c79af4793cd04cbec1f0a28ec2eef0d0f11dfe86aea87fafc369be64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:47bff7b6c79af4793cd04cbec1f0a28ec2eef0d0f11dfe86aea87fafc369be64?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.9.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:1d40fa988963f381718d124e59387dad32d1d958e52f63a28ac48409bdfd1eec_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:1d40fa988963f381718d124e59387dad32d1d958e52f63a28ac48409bdfd1eec_amd64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:1d40fa988963f381718d124e59387dad32d1d958e52f63a28ac48409bdfd1eec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:1d40fa988963f381718d124e59387dad32d1d958e52f63a28ac48409bdfd1eec?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v2.9.8-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:44147d843590342c9e7642834161a81f887d7388f689b2cf3e4f5167cf7b0cd0_amd64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:44147d843590342c9e7642834161a81f887d7388f689b2cf3e4f5167cf7b0cd0_amd64",
"product_id": "openshift-logging/vector-rhel9@sha256:44147d843590342c9e7642834161a81f887d7388f689b2cf3e4f5167cf7b0cd0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:44147d843590342c9e7642834161a81f887d7388f689b2cf3e4f5167cf7b0cd0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.34.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:04e3d5de1f21d91e7234a0d2af6e096d02b845dfc1826cdeebc642eeda67049c_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:04e3d5de1f21d91e7234a0d2af6e096d02b845dfc1826cdeebc642eeda67049c_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:04e3d5de1f21d91e7234a0d2af6e096d02b845dfc1826cdeebc642eeda67049c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:04e3d5de1f21d91e7234a0d2af6e096d02b845dfc1826cdeebc642eeda67049c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.9.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:68dd8394cf3f44d9827cb7b8976044e23d92349262334c8def4b2d15cde7a8e3_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:68dd8394cf3f44d9827cb7b8976044e23d92349262334c8def4b2d15cde7a8e3_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:68dd8394cf3f44d9827cb7b8976044e23d92349262334c8def4b2d15cde7a8e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:68dd8394cf3f44d9827cb7b8976044e23d92349262334c8def4b2d15cde7a8e3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.9.2-13"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:06b890fc00bc1cd8cd0fb3264a0588ebc3bf8c581b1923aaa7fc56161a931b50_amd64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:06b890fc00bc1cd8cd0fb3264a0588ebc3bf8c581b1923aaa7fc56161a931b50_amd64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:06b890fc00bc1cd8cd0fb3264a0588ebc3bf8c581b1923aaa7fc56161a931b50_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:06b890fc00bc1cd8cd0fb3264a0588ebc3bf8c581b1923aaa7fc56161a931b50?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.9.2-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:8d7bd7a959c3d645fad27dafa83aa3267891f6c92c359be2d3e679b516b37491_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:8d7bd7a959c3d645fad27dafa83aa3267891f6c92c359be2d3e679b516b37491_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:8d7bd7a959c3d645fad27dafa83aa3267891f6c92c359be2d3e679b516b37491_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:8d7bd7a959c3d645fad27dafa83aa3267891f6c92c359be2d3e679b516b37491?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-552"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:1d78020e8f3a383caee4e1ef7b94eabf064a79b6bf6eee75630c370d692a4f02_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:1d78020e8f3a383caee4e1ef7b94eabf064a79b6bf6eee75630c370d692a4f02_amd64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:1d78020e8f3a383caee4e1ef7b94eabf064a79b6bf6eee75630c370d692a4f02_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:1d78020e8f3a383caee4e1ef7b94eabf064a79b6bf6eee75630c370d692a4f02?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-235"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:988d3b3d190f02843552bc389d25c5909b62547c2ebd2ca0b6f2cb82470dbd23_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:988d3b3d190f02843552bc389d25c5909b62547c2ebd2ca0b6f2cb82470dbd23_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:988d3b3d190f02843552bc389d25c5909b62547c2ebd2ca0b6f2cb82470dbd23_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:988d3b3d190f02843552bc389d25c5909b62547c2ebd2ca0b6f2cb82470dbd23?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.9.2-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d80ef1784f96465d305c50888176db38b2566e9991769b25445d485d47ada5b4_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d80ef1784f96465d305c50888176db38b2566e9991769b25445d485d47ada5b4_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d80ef1784f96465d305c50888176db38b2566e9991769b25445d485d47ada5b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:d80ef1784f96465d305c50888176db38b2566e9991769b25445d485d47ada5b4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-232"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:3b1c2089a6e83b1ae4ba64c42e882439054118f356fdd64ec916176a997ac854_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:3b1c2089a6e83b1ae4ba64c42e882439054118f356fdd64ec916176a997ac854_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:3b1c2089a6e83b1ae4ba64c42e882439054118f356fdd64ec916176a997ac854_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:3b1c2089a6e83b1ae4ba64c42e882439054118f356fdd64ec916176a997ac854?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-252"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:aaf2dd9162077621883a3b52bd87fe3a6a86275f3fc45dafe494ab1f97b62f5a_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:aaf2dd9162077621883a3b52bd87fe3a6a86275f3fc45dafe494ab1f97b62f5a_ppc64le",
"product_id": "openshift-logging/fluentd-rhel9@sha256:aaf2dd9162077621883a3b52bd87fe3a6a86275f3fc45dafe494ab1f97b62f5a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:aaf2dd9162077621883a3b52bd87fe3a6a86275f3fc45dafe494ab1f97b62f5a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.9.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:d7a273e837f49536edc95f79fff0cefad5419717518390433200e7cbbe299194_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:d7a273e837f49536edc95f79fff0cefad5419717518390433200e7cbbe299194_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:d7a273e837f49536edc95f79fff0cefad5419717518390433200e7cbbe299194_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:d7a273e837f49536edc95f79fff0cefad5419717518390433200e7cbbe299194?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v2.9.8-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:7a55232ce85ddad2b40040eb105df730d812e421ac03a6377544e576e90ad006_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:7a55232ce85ddad2b40040eb105df730d812e421ac03a6377544e576e90ad006_ppc64le",
"product_id": "openshift-logging/vector-rhel9@sha256:7a55232ce85ddad2b40040eb105df730d812e421ac03a6377544e576e90ad006_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:7a55232ce85ddad2b40040eb105df730d812e421ac03a6377544e576e90ad006?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.34.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:ec1c839b591a2c7b044abf21486dfc998b4434ff2c23a93cbf393b714f6dbc95_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:ec1c839b591a2c7b044abf21486dfc998b4434ff2c23a93cbf393b714f6dbc95_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:ec1c839b591a2c7b044abf21486dfc998b4434ff2c23a93cbf393b714f6dbc95_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:ec1c839b591a2c7b044abf21486dfc998b4434ff2c23a93cbf393b714f6dbc95?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.9.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:1ffc4bdc3b1ed8296208d63545e7a97a657c0124f7c27c616f2b56424f392025_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:1ffc4bdc3b1ed8296208d63545e7a97a657c0124f7c27c616f2b56424f392025_ppc64le",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:1ffc4bdc3b1ed8296208d63545e7a97a657c0124f7c27c616f2b56424f392025_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:1ffc4bdc3b1ed8296208d63545e7a97a657c0124f7c27c616f2b56424f392025?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.9.2-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:3c99722d349e2b6d640e8bf3d27c8af1705376db5a581b55abcad82487263f05_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:3c99722d349e2b6d640e8bf3d27c8af1705376db5a581b55abcad82487263f05_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:3c99722d349e2b6d640e8bf3d27c8af1705376db5a581b55abcad82487263f05_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:3c99722d349e2b6d640e8bf3d27c8af1705376db5a581b55abcad82487263f05?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-552"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:4d9d91f06898e4fe73873c29ab7caf6f5a27647d88b323eda65d64ddeba89d7b_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:4d9d91f06898e4fe73873c29ab7caf6f5a27647d88b323eda65d64ddeba89d7b_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:4d9d91f06898e4fe73873c29ab7caf6f5a27647d88b323eda65d64ddeba89d7b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:4d9d91f06898e4fe73873c29ab7caf6f5a27647d88b323eda65d64ddeba89d7b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-235"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:387887a51d53040ab5740e4879802f1d22d517832a6ced9d23c816b8b99628dc_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:387887a51d53040ab5740e4879802f1d22d517832a6ced9d23c816b8b99628dc_arm64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:387887a51d53040ab5740e4879802f1d22d517832a6ced9d23c816b8b99628dc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:387887a51d53040ab5740e4879802f1d22d517832a6ced9d23c816b8b99628dc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.9.2-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:879b38f0cf7fa776f298a4cee08e35f92f35f792c42fbfd2f7a03f3f50bfbef1_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:879b38f0cf7fa776f298a4cee08e35f92f35f792c42fbfd2f7a03f3f50bfbef1_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:879b38f0cf7fa776f298a4cee08e35f92f35f792c42fbfd2f7a03f3f50bfbef1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:879b38f0cf7fa776f298a4cee08e35f92f35f792c42fbfd2f7a03f3f50bfbef1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-232"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:9ce41fbe39e9483f854bcbffee9799f219aea90796062b2bd11be3440a9de525_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:9ce41fbe39e9483f854bcbffee9799f219aea90796062b2bd11be3440a9de525_arm64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:9ce41fbe39e9483f854bcbffee9799f219aea90796062b2bd11be3440a9de525_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:9ce41fbe39e9483f854bcbffee9799f219aea90796062b2bd11be3440a9de525?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-252"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:6e0d349969484482a2e02e5bd65b0a2a14379118935cfab29d9b875aa1fc3b28_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:6e0d349969484482a2e02e5bd65b0a2a14379118935cfab29d9b875aa1fc3b28_arm64",
"product_id": "openshift-logging/fluentd-rhel9@sha256:6e0d349969484482a2e02e5bd65b0a2a14379118935cfab29d9b875aa1fc3b28_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:6e0d349969484482a2e02e5bd65b0a2a14379118935cfab29d9b875aa1fc3b28?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.9.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:dbfa3914b34fd20a494da31e1920e926417627656f9b2761832ddbdcdd3e780e_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:dbfa3914b34fd20a494da31e1920e926417627656f9b2761832ddbdcdd3e780e_arm64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:dbfa3914b34fd20a494da31e1920e926417627656f9b2761832ddbdcdd3e780e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:dbfa3914b34fd20a494da31e1920e926417627656f9b2761832ddbdcdd3e780e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v2.9.8-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:f11cd33e6565579f4391276a875dc736e94c9da18a5ed4685d9017d48dc083e0_arm64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:f11cd33e6565579f4391276a875dc736e94c9da18a5ed4685d9017d48dc083e0_arm64",
"product_id": "openshift-logging/vector-rhel9@sha256:f11cd33e6565579f4391276a875dc736e94c9da18a5ed4685d9017d48dc083e0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:f11cd33e6565579f4391276a875dc736e94c9da18a5ed4685d9017d48dc083e0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.34.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:713be73184bd943c98edd0761eae838c73ef3e2ad3c54d5236c70fe4ed62e073_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:713be73184bd943c98edd0761eae838c73ef3e2ad3c54d5236c70fe4ed62e073_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:713be73184bd943c98edd0761eae838c73ef3e2ad3c54d5236c70fe4ed62e073_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:713be73184bd943c98edd0761eae838c73ef3e2ad3c54d5236c70fe4ed62e073?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.9.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:095068a422f174e35e3dfa16dc424c13e6dba5c59d2469a18fc08a1cf450e9e4_arm64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:095068a422f174e35e3dfa16dc424c13e6dba5c59d2469a18fc08a1cf450e9e4_arm64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:095068a422f174e35e3dfa16dc424c13e6dba5c59d2469a18fc08a1cf450e9e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:095068a422f174e35e3dfa16dc424c13e6dba5c59d2469a18fc08a1cf450e9e4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.9.2-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:ab621b9f3ac6390e0457a7bb362be27dd071092ba247d34e341a827d392ec547_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:ab621b9f3ac6390e0457a7bb362be27dd071092ba247d34e341a827d392ec547_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:ab621b9f3ac6390e0457a7bb362be27dd071092ba247d34e341a827d392ec547_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:ab621b9f3ac6390e0457a7bb362be27dd071092ba247d34e341a827d392ec547?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-552"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:5d72c559dc381d3fc815f54b5491be0a72e193e31bf800e337e19ba5d6a98746_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:5d72c559dc381d3fc815f54b5491be0a72e193e31bf800e337e19ba5d6a98746_arm64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:5d72c559dc381d3fc815f54b5491be0a72e193e31bf800e337e19ba5d6a98746_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:5d72c559dc381d3fc815f54b5491be0a72e193e31bf800e337e19ba5d6a98746?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-235"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:b681e152d1534c53b3c0eec088060dc2af74d5be33136ae7c2e19cad3d88d829_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:b681e152d1534c53b3c0eec088060dc2af74d5be33136ae7c2e19cad3d88d829_s390x",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:b681e152d1534c53b3c0eec088060dc2af74d5be33136ae7c2e19cad3d88d829_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:b681e152d1534c53b3c0eec088060dc2af74d5be33136ae7c2e19cad3d88d829?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.9.2-9"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:de02ae0bf1936e581f2c094188885a6678487e291874f601a403b57a06cddb2f_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:de02ae0bf1936e581f2c094188885a6678487e291874f601a403b57a06cddb2f_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:de02ae0bf1936e581f2c094188885a6678487e291874f601a403b57a06cddb2f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:de02ae0bf1936e581f2c094188885a6678487e291874f601a403b57a06cddb2f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-232"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:efb30e1aab21a9d2b68317c46e9c257c1342a0336296d9cf2702eef2300501d2_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:efb30e1aab21a9d2b68317c46e9c257c1342a0336296d9cf2702eef2300501d2_s390x",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:efb30e1aab21a9d2b68317c46e9c257c1342a0336296d9cf2702eef2300501d2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:efb30e1aab21a9d2b68317c46e9c257c1342a0336296d9cf2702eef2300501d2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-252"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:0c49b5b637eb960dfefbd22855f2a29690564d93b8afe52f0a437a85be919a61_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:0c49b5b637eb960dfefbd22855f2a29690564d93b8afe52f0a437a85be919a61_s390x",
"product_id": "openshift-logging/fluentd-rhel9@sha256:0c49b5b637eb960dfefbd22855f2a29690564d93b8afe52f0a437a85be919a61_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:0c49b5b637eb960dfefbd22855f2a29690564d93b8afe52f0a437a85be919a61?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.9.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:249cf561231b5a793354263fd859382229a2c700639367ba8e12979385431349_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:249cf561231b5a793354263fd859382229a2c700639367ba8e12979385431349_s390x",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:249cf561231b5a793354263fd859382229a2c700639367ba8e12979385431349_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:249cf561231b5a793354263fd859382229a2c700639367ba8e12979385431349?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v2.9.8-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:1ec24450d98b058769d0d7846d965b3142be24a9b5cc0493f4d6be229a97e2d8_s390x",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:1ec24450d98b058769d0d7846d965b3142be24a9b5cc0493f4d6be229a97e2d8_s390x",
"product_id": "openshift-logging/vector-rhel9@sha256:1ec24450d98b058769d0d7846d965b3142be24a9b5cc0493f4d6be229a97e2d8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:1ec24450d98b058769d0d7846d965b3142be24a9b5cc0493f4d6be229a97e2d8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.34.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:b1be984196fa8641d129c0a70e46651448b58516220a488efcb51f8639357f7a_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:b1be984196fa8641d129c0a70e46651448b58516220a488efcb51f8639357f7a_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:b1be984196fa8641d129c0a70e46651448b58516220a488efcb51f8639357f7a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:b1be984196fa8641d129c0a70e46651448b58516220a488efcb51f8639357f7a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.9.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:4974a3ced8c308d257e52162ff0c40f562650965d27df34cb6110fb6ccee7733_s390x",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:4974a3ced8c308d257e52162ff0c40f562650965d27df34cb6110fb6ccee7733_s390x",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:4974a3ced8c308d257e52162ff0c40f562650965d27df34cb6110fb6ccee7733_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:4974a3ced8c308d257e52162ff0c40f562650965d27df34cb6110fb6ccee7733?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.9.2-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:a352d682e5e375e9c4d290611353a07984f976d694cc67918883e17674ac8b8c_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:a352d682e5e375e9c4d290611353a07984f976d694cc67918883e17674ac8b8c_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:a352d682e5e375e9c4d290611353a07984f976d694cc67918883e17674ac8b8c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:a352d682e5e375e9c4d290611353a07984f976d694cc67918883e17674ac8b8c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-552"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:db0266ed24e85f1e869f5c6c74cd968135f218eb26de51047541fac13794b7a5_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:db0266ed24e85f1e869f5c6c74cd968135f218eb26de51047541fac13794b7a5_s390x",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:db0266ed24e85f1e869f5c6c74cd968135f218eb26de51047541fac13794b7a5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:db0266ed24e85f1e869f5c6c74cd968135f218eb26de51047541fac13794b7a5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-235"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:a75b8dc9936e65b2ffbcca73a47456b38e6a2dc406f39577c6646ce8d33c5238_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:a75b8dc9936e65b2ffbcca73a47456b38e6a2dc406f39577c6646ce8d33c5238_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:a75b8dc9936e65b2ffbcca73a47456b38e6a2dc406f39577c6646ce8d33c5238_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:16ab3024f9162cdb35e94994ddf180c6dc3ddf00a7a8dbeef439f4bd913586d7_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:16ab3024f9162cdb35e94994ddf180c6dc3ddf00a7a8dbeef439f4bd913586d7_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:16ab3024f9162cdb35e94994ddf180c6dc3ddf00a7a8dbeef439f4bd913586d7_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:387887a51d53040ab5740e4879802f1d22d517832a6ced9d23c816b8b99628dc_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:387887a51d53040ab5740e4879802f1d22d517832a6ced9d23c816b8b99628dc_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:387887a51d53040ab5740e4879802f1d22d517832a6ced9d23c816b8b99628dc_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:988d3b3d190f02843552bc389d25c5909b62547c2ebd2ca0b6f2cb82470dbd23_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:988d3b3d190f02843552bc389d25c5909b62547c2ebd2ca0b6f2cb82470dbd23_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:988d3b3d190f02843552bc389d25c5909b62547c2ebd2ca0b6f2cb82470dbd23_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:b681e152d1534c53b3c0eec088060dc2af74d5be33136ae7c2e19cad3d88d829_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:b681e152d1534c53b3c0eec088060dc2af74d5be33136ae7c2e19cad3d88d829_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:b681e152d1534c53b3c0eec088060dc2af74d5be33136ae7c2e19cad3d88d829_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:3b1c2089a6e83b1ae4ba64c42e882439054118f356fdd64ec916176a997ac854_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:3b1c2089a6e83b1ae4ba64c42e882439054118f356fdd64ec916176a997ac854_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:3b1c2089a6e83b1ae4ba64c42e882439054118f356fdd64ec916176a997ac854_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:9ce41fbe39e9483f854bcbffee9799f219aea90796062b2bd11be3440a9de525_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:9ce41fbe39e9483f854bcbffee9799f219aea90796062b2bd11be3440a9de525_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:9ce41fbe39e9483f854bcbffee9799f219aea90796062b2bd11be3440a9de525_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:a57906b3fefd8eb0fa0603cb8755278978f34d925720b8ac30098604cf0a4179_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a57906b3fefd8eb0fa0603cb8755278978f34d925720b8ac30098604cf0a4179_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:a57906b3fefd8eb0fa0603cb8755278978f34d925720b8ac30098604cf0a4179_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:efb30e1aab21a9d2b68317c46e9c257c1342a0336296d9cf2702eef2300501d2_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:efb30e1aab21a9d2b68317c46e9c257c1342a0336296d9cf2702eef2300501d2_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:efb30e1aab21a9d2b68317c46e9c257c1342a0336296d9cf2702eef2300501d2_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:0c49b5b637eb960dfefbd22855f2a29690564d93b8afe52f0a437a85be919a61_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:0c49b5b637eb960dfefbd22855f2a29690564d93b8afe52f0a437a85be919a61_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:0c49b5b637eb960dfefbd22855f2a29690564d93b8afe52f0a437a85be919a61_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:47bff7b6c79af4793cd04cbec1f0a28ec2eef0d0f11dfe86aea87fafc369be64_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:47bff7b6c79af4793cd04cbec1f0a28ec2eef0d0f11dfe86aea87fafc369be64_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:47bff7b6c79af4793cd04cbec1f0a28ec2eef0d0f11dfe86aea87fafc369be64_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:6e0d349969484482a2e02e5bd65b0a2a14379118935cfab29d9b875aa1fc3b28_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e0d349969484482a2e02e5bd65b0a2a14379118935cfab29d9b875aa1fc3b28_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:6e0d349969484482a2e02e5bd65b0a2a14379118935cfab29d9b875aa1fc3b28_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:aaf2dd9162077621883a3b52bd87fe3a6a86275f3fc45dafe494ab1f97b62f5a_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:aaf2dd9162077621883a3b52bd87fe3a6a86275f3fc45dafe494ab1f97b62f5a_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:aaf2dd9162077621883a3b52bd87fe3a6a86275f3fc45dafe494ab1f97b62f5a_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:879b38f0cf7fa776f298a4cee08e35f92f35f792c42fbfd2f7a03f3f50bfbef1_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:879b38f0cf7fa776f298a4cee08e35f92f35f792c42fbfd2f7a03f3f50bfbef1_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:879b38f0cf7fa776f298a4cee08e35f92f35f792c42fbfd2f7a03f3f50bfbef1_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d318895fe58db2b899d76975a18bd3858d4e76a6a5de5d2917ccdf3290734d9c_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:d318895fe58db2b899d76975a18bd3858d4e76a6a5de5d2917ccdf3290734d9c_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d318895fe58db2b899d76975a18bd3858d4e76a6a5de5d2917ccdf3290734d9c_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d80ef1784f96465d305c50888176db38b2566e9991769b25445d485d47ada5b4_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:d80ef1784f96465d305c50888176db38b2566e9991769b25445d485d47ada5b4_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:d80ef1784f96465d305c50888176db38b2566e9991769b25445d485d47ada5b4_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:de02ae0bf1936e581f2c094188885a6678487e291874f601a403b57a06cddb2f_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:de02ae0bf1936e581f2c094188885a6678487e291874f601a403b57a06cddb2f_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:de02ae0bf1936e581f2c094188885a6678487e291874f601a403b57a06cddb2f_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:1d40fa988963f381718d124e59387dad32d1d958e52f63a28ac48409bdfd1eec_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d40fa988963f381718d124e59387dad32d1d958e52f63a28ac48409bdfd1eec_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:1d40fa988963f381718d124e59387dad32d1d958e52f63a28ac48409bdfd1eec_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:249cf561231b5a793354263fd859382229a2c700639367ba8e12979385431349_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:249cf561231b5a793354263fd859382229a2c700639367ba8e12979385431349_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:249cf561231b5a793354263fd859382229a2c700639367ba8e12979385431349_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:d7a273e837f49536edc95f79fff0cefad5419717518390433200e7cbbe299194_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:d7a273e837f49536edc95f79fff0cefad5419717518390433200e7cbbe299194_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:d7a273e837f49536edc95f79fff0cefad5419717518390433200e7cbbe299194_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:dbfa3914b34fd20a494da31e1920e926417627656f9b2761832ddbdcdd3e780e_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:dbfa3914b34fd20a494da31e1920e926417627656f9b2761832ddbdcdd3e780e_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:dbfa3914b34fd20a494da31e1920e926417627656f9b2761832ddbdcdd3e780e_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:04e3d5de1f21d91e7234a0d2af6e096d02b845dfc1826cdeebc642eeda67049c_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:04e3d5de1f21d91e7234a0d2af6e096d02b845dfc1826cdeebc642eeda67049c_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:04e3d5de1f21d91e7234a0d2af6e096d02b845dfc1826cdeebc642eeda67049c_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:713be73184bd943c98edd0761eae838c73ef3e2ad3c54d5236c70fe4ed62e073_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:713be73184bd943c98edd0761eae838c73ef3e2ad3c54d5236c70fe4ed62e073_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:713be73184bd943c98edd0761eae838c73ef3e2ad3c54d5236c70fe4ed62e073_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:b1be984196fa8641d129c0a70e46651448b58516220a488efcb51f8639357f7a_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:b1be984196fa8641d129c0a70e46651448b58516220a488efcb51f8639357f7a_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:b1be984196fa8641d129c0a70e46651448b58516220a488efcb51f8639357f7a_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:ec1c839b591a2c7b044abf21486dfc998b4434ff2c23a93cbf393b714f6dbc95_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:ec1c839b591a2c7b044abf21486dfc998b4434ff2c23a93cbf393b714f6dbc95_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:ec1c839b591a2c7b044abf21486dfc998b4434ff2c23a93cbf393b714f6dbc95_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:68dd8394cf3f44d9827cb7b8976044e23d92349262334c8def4b2d15cde7a8e3_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:68dd8394cf3f44d9827cb7b8976044e23d92349262334c8def4b2d15cde7a8e3_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:68dd8394cf3f44d9827cb7b8976044e23d92349262334c8def4b2d15cde7a8e3_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:06b890fc00bc1cd8cd0fb3264a0588ebc3bf8c581b1923aaa7fc56161a931b50_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:06b890fc00bc1cd8cd0fb3264a0588ebc3bf8c581b1923aaa7fc56161a931b50_amd64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:06b890fc00bc1cd8cd0fb3264a0588ebc3bf8c581b1923aaa7fc56161a931b50_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:095068a422f174e35e3dfa16dc424c13e6dba5c59d2469a18fc08a1cf450e9e4_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:095068a422f174e35e3dfa16dc424c13e6dba5c59d2469a18fc08a1cf450e9e4_arm64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:095068a422f174e35e3dfa16dc424c13e6dba5c59d2469a18fc08a1cf450e9e4_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:1ffc4bdc3b1ed8296208d63545e7a97a657c0124f7c27c616f2b56424f392025_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:1ffc4bdc3b1ed8296208d63545e7a97a657c0124f7c27c616f2b56424f392025_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:1ffc4bdc3b1ed8296208d63545e7a97a657c0124f7c27c616f2b56424f392025_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:4974a3ced8c308d257e52162ff0c40f562650965d27df34cb6110fb6ccee7733_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:4974a3ced8c308d257e52162ff0c40f562650965d27df34cb6110fb6ccee7733_s390x"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:4974a3ced8c308d257e52162ff0c40f562650965d27df34cb6110fb6ccee7733_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:3c99722d349e2b6d640e8bf3d27c8af1705376db5a581b55abcad82487263f05_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:3c99722d349e2b6d640e8bf3d27c8af1705376db5a581b55abcad82487263f05_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:3c99722d349e2b6d640e8bf3d27c8af1705376db5a581b55abcad82487263f05_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:8d7bd7a959c3d645fad27dafa83aa3267891f6c92c359be2d3e679b516b37491_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8d7bd7a959c3d645fad27dafa83aa3267891f6c92c359be2d3e679b516b37491_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:8d7bd7a959c3d645fad27dafa83aa3267891f6c92c359be2d3e679b516b37491_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:a352d682e5e375e9c4d290611353a07984f976d694cc67918883e17674ac8b8c_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:a352d682e5e375e9c4d290611353a07984f976d694cc67918883e17674ac8b8c_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:a352d682e5e375e9c4d290611353a07984f976d694cc67918883e17674ac8b8c_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:ab621b9f3ac6390e0457a7bb362be27dd071092ba247d34e341a827d392ec547_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:ab621b9f3ac6390e0457a7bb362be27dd071092ba247d34e341a827d392ec547_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:ab621b9f3ac6390e0457a7bb362be27dd071092ba247d34e341a827d392ec547_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:1d78020e8f3a383caee4e1ef7b94eabf064a79b6bf6eee75630c370d692a4f02_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:1d78020e8f3a383caee4e1ef7b94eabf064a79b6bf6eee75630c370d692a4f02_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:1d78020e8f3a383caee4e1ef7b94eabf064a79b6bf6eee75630c370d692a4f02_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:4d9d91f06898e4fe73873c29ab7caf6f5a27647d88b323eda65d64ddeba89d7b_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:4d9d91f06898e4fe73873c29ab7caf6f5a27647d88b323eda65d64ddeba89d7b_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:4d9d91f06898e4fe73873c29ab7caf6f5a27647d88b323eda65d64ddeba89d7b_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:5d72c559dc381d3fc815f54b5491be0a72e193e31bf800e337e19ba5d6a98746_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:5d72c559dc381d3fc815f54b5491be0a72e193e31bf800e337e19ba5d6a98746_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:5d72c559dc381d3fc815f54b5491be0a72e193e31bf800e337e19ba5d6a98746_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:db0266ed24e85f1e869f5c6c74cd968135f218eb26de51047541fac13794b7a5_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:db0266ed24e85f1e869f5c6c74cd968135f218eb26de51047541fac13794b7a5_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:db0266ed24e85f1e869f5c6c74cd968135f218eb26de51047541fac13794b7a5_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:1ec24450d98b058769d0d7846d965b3142be24a9b5cc0493f4d6be229a97e2d8_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:1ec24450d98b058769d0d7846d965b3142be24a9b5cc0493f4d6be229a97e2d8_s390x"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:1ec24450d98b058769d0d7846d965b3142be24a9b5cc0493f4d6be229a97e2d8_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:44147d843590342c9e7642834161a81f887d7388f689b2cf3e4f5167cf7b0cd0_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:44147d843590342c9e7642834161a81f887d7388f689b2cf3e4f5167cf7b0cd0_amd64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:44147d843590342c9e7642834161a81f887d7388f689b2cf3e4f5167cf7b0cd0_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:7a55232ce85ddad2b40040eb105df730d812e421ac03a6377544e576e90ad006_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:7a55232ce85ddad2b40040eb105df730d812e421ac03a6377544e576e90ad006_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:7a55232ce85ddad2b40040eb105df730d812e421ac03a6377544e576e90ad006_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:f11cd33e6565579f4391276a875dc736e94c9da18a5ed4685d9017d48dc083e0_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:f11cd33e6565579f4391276a875dc736e94c9da18a5ed4685d9017d48dc083e0_arm64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:f11cd33e6565579f4391276a875dc736e94c9da18a5ed4685d9017d48dc083e0_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:a75b8dc9936e65b2ffbcca73a47456b38e6a2dc406f39577c6646ce8d33c5238_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:16ab3024f9162cdb35e94994ddf180c6dc3ddf00a7a8dbeef439f4bd913586d7_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:387887a51d53040ab5740e4879802f1d22d517832a6ced9d23c816b8b99628dc_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:988d3b3d190f02843552bc389d25c5909b62547c2ebd2ca0b6f2cb82470dbd23_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:b681e152d1534c53b3c0eec088060dc2af74d5be33136ae7c2e19cad3d88d829_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:3b1c2089a6e83b1ae4ba64c42e882439054118f356fdd64ec916176a997ac854_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:9ce41fbe39e9483f854bcbffee9799f219aea90796062b2bd11be3440a9de525_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a57906b3fefd8eb0fa0603cb8755278978f34d925720b8ac30098604cf0a4179_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:efb30e1aab21a9d2b68317c46e9c257c1342a0336296d9cf2702eef2300501d2_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:0c49b5b637eb960dfefbd22855f2a29690564d93b8afe52f0a437a85be919a61_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:47bff7b6c79af4793cd04cbec1f0a28ec2eef0d0f11dfe86aea87fafc369be64_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e0d349969484482a2e02e5bd65b0a2a14379118935cfab29d9b875aa1fc3b28_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:aaf2dd9162077621883a3b52bd87fe3a6a86275f3fc45dafe494ab1f97b62f5a_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:879b38f0cf7fa776f298a4cee08e35f92f35f792c42fbfd2f7a03f3f50bfbef1_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:d318895fe58db2b899d76975a18bd3858d4e76a6a5de5d2917ccdf3290734d9c_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:d80ef1784f96465d305c50888176db38b2566e9991769b25445d485d47ada5b4_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:de02ae0bf1936e581f2c094188885a6678487e291874f601a403b57a06cddb2f_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d40fa988963f381718d124e59387dad32d1d958e52f63a28ac48409bdfd1eec_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:249cf561231b5a793354263fd859382229a2c700639367ba8e12979385431349_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:d7a273e837f49536edc95f79fff0cefad5419717518390433200e7cbbe299194_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:dbfa3914b34fd20a494da31e1920e926417627656f9b2761832ddbdcdd3e780e_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:04e3d5de1f21d91e7234a0d2af6e096d02b845dfc1826cdeebc642eeda67049c_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:713be73184bd943c98edd0761eae838c73ef3e2ad3c54d5236c70fe4ed62e073_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:b1be984196fa8641d129c0a70e46651448b58516220a488efcb51f8639357f7a_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:ec1c839b591a2c7b044abf21486dfc998b4434ff2c23a93cbf393b714f6dbc95_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:68dd8394cf3f44d9827cb7b8976044e23d92349262334c8def4b2d15cde7a8e3_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:06b890fc00bc1cd8cd0fb3264a0588ebc3bf8c581b1923aaa7fc56161a931b50_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:095068a422f174e35e3dfa16dc424c13e6dba5c59d2469a18fc08a1cf450e9e4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:1ffc4bdc3b1ed8296208d63545e7a97a657c0124f7c27c616f2b56424f392025_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:4974a3ced8c308d257e52162ff0c40f562650965d27df34cb6110fb6ccee7733_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:3c99722d349e2b6d640e8bf3d27c8af1705376db5a581b55abcad82487263f05_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8d7bd7a959c3d645fad27dafa83aa3267891f6c92c359be2d3e679b516b37491_amd64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:a352d682e5e375e9c4d290611353a07984f976d694cc67918883e17674ac8b8c_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:ab621b9f3ac6390e0457a7bb362be27dd071092ba247d34e341a827d392ec547_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:1d78020e8f3a383caee4e1ef7b94eabf064a79b6bf6eee75630c370d692a4f02_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:4d9d91f06898e4fe73873c29ab7caf6f5a27647d88b323eda65d64ddeba89d7b_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:5d72c559dc381d3fc815f54b5491be0a72e193e31bf800e337e19ba5d6a98746_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:db0266ed24e85f1e869f5c6c74cd968135f218eb26de51047541fac13794b7a5_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:1ec24450d98b058769d0d7846d965b3142be24a9b5cc0493f4d6be229a97e2d8_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:44147d843590342c9e7642834161a81f887d7388f689b2cf3e4f5167cf7b0cd0_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:7a55232ce85ddad2b40040eb105df730d812e421ac03a6377544e576e90ad006_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:f11cd33e6565579f4391276a875dc736e94c9da18a5ed4685d9017d48dc083e0_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-23T06:20:48+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nFor Red Hat OpenShift Logging 5.9, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.14/logging/cluster-logging-upgrading.html",
"product_ids": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:a75b8dc9936e65b2ffbcca73a47456b38e6a2dc406f39577c6646ce8d33c5238_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:16ab3024f9162cdb35e94994ddf180c6dc3ddf00a7a8dbeef439f4bd913586d7_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:387887a51d53040ab5740e4879802f1d22d517832a6ced9d23c816b8b99628dc_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:988d3b3d190f02843552bc389d25c5909b62547c2ebd2ca0b6f2cb82470dbd23_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:b681e152d1534c53b3c0eec088060dc2af74d5be33136ae7c2e19cad3d88d829_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:3b1c2089a6e83b1ae4ba64c42e882439054118f356fdd64ec916176a997ac854_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:9ce41fbe39e9483f854bcbffee9799f219aea90796062b2bd11be3440a9de525_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a57906b3fefd8eb0fa0603cb8755278978f34d925720b8ac30098604cf0a4179_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:efb30e1aab21a9d2b68317c46e9c257c1342a0336296d9cf2702eef2300501d2_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:0c49b5b637eb960dfefbd22855f2a29690564d93b8afe52f0a437a85be919a61_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:47bff7b6c79af4793cd04cbec1f0a28ec2eef0d0f11dfe86aea87fafc369be64_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e0d349969484482a2e02e5bd65b0a2a14379118935cfab29d9b875aa1fc3b28_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:aaf2dd9162077621883a3b52bd87fe3a6a86275f3fc45dafe494ab1f97b62f5a_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:879b38f0cf7fa776f298a4cee08e35f92f35f792c42fbfd2f7a03f3f50bfbef1_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:d318895fe58db2b899d76975a18bd3858d4e76a6a5de5d2917ccdf3290734d9c_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:d80ef1784f96465d305c50888176db38b2566e9991769b25445d485d47ada5b4_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:de02ae0bf1936e581f2c094188885a6678487e291874f601a403b57a06cddb2f_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d40fa988963f381718d124e59387dad32d1d958e52f63a28ac48409bdfd1eec_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:249cf561231b5a793354263fd859382229a2c700639367ba8e12979385431349_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:d7a273e837f49536edc95f79fff0cefad5419717518390433200e7cbbe299194_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:dbfa3914b34fd20a494da31e1920e926417627656f9b2761832ddbdcdd3e780e_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:04e3d5de1f21d91e7234a0d2af6e096d02b845dfc1826cdeebc642eeda67049c_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:713be73184bd943c98edd0761eae838c73ef3e2ad3c54d5236c70fe4ed62e073_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:b1be984196fa8641d129c0a70e46651448b58516220a488efcb51f8639357f7a_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:ec1c839b591a2c7b044abf21486dfc998b4434ff2c23a93cbf393b714f6dbc95_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:68dd8394cf3f44d9827cb7b8976044e23d92349262334c8def4b2d15cde7a8e3_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:06b890fc00bc1cd8cd0fb3264a0588ebc3bf8c581b1923aaa7fc56161a931b50_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:095068a422f174e35e3dfa16dc424c13e6dba5c59d2469a18fc08a1cf450e9e4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:1ffc4bdc3b1ed8296208d63545e7a97a657c0124f7c27c616f2b56424f392025_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:4974a3ced8c308d257e52162ff0c40f562650965d27df34cb6110fb6ccee7733_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:3c99722d349e2b6d640e8bf3d27c8af1705376db5a581b55abcad82487263f05_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8d7bd7a959c3d645fad27dafa83aa3267891f6c92c359be2d3e679b516b37491_amd64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:a352d682e5e375e9c4d290611353a07984f976d694cc67918883e17674ac8b8c_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:ab621b9f3ac6390e0457a7bb362be27dd071092ba247d34e341a827d392ec547_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:1d78020e8f3a383caee4e1ef7b94eabf064a79b6bf6eee75630c370d692a4f02_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:4d9d91f06898e4fe73873c29ab7caf6f5a27647d88b323eda65d64ddeba89d7b_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:5d72c559dc381d3fc815f54b5491be0a72e193e31bf800e337e19ba5d6a98746_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:db0266ed24e85f1e869f5c6c74cd968135f218eb26de51047541fac13794b7a5_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:1ec24450d98b058769d0d7846d965b3142be24a9b5cc0493f4d6be229a97e2d8_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:44147d843590342c9e7642834161a81f887d7388f689b2cf3e4f5167cf7b0cd0_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:7a55232ce85ddad2b40040eb105df730d812e421ac03a6377544e576e90ad006_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:f11cd33e6565579f4391276a875dc736e94c9da18a5ed4685d9017d48dc083e0_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2933"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:a75b8dc9936e65b2ffbcca73a47456b38e6a2dc406f39577c6646ce8d33c5238_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:16ab3024f9162cdb35e94994ddf180c6dc3ddf00a7a8dbeef439f4bd913586d7_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:387887a51d53040ab5740e4879802f1d22d517832a6ced9d23c816b8b99628dc_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:988d3b3d190f02843552bc389d25c5909b62547c2ebd2ca0b6f2cb82470dbd23_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:b681e152d1534c53b3c0eec088060dc2af74d5be33136ae7c2e19cad3d88d829_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:3b1c2089a6e83b1ae4ba64c42e882439054118f356fdd64ec916176a997ac854_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:9ce41fbe39e9483f854bcbffee9799f219aea90796062b2bd11be3440a9de525_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a57906b3fefd8eb0fa0603cb8755278978f34d925720b8ac30098604cf0a4179_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:efb30e1aab21a9d2b68317c46e9c257c1342a0336296d9cf2702eef2300501d2_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:0c49b5b637eb960dfefbd22855f2a29690564d93b8afe52f0a437a85be919a61_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:47bff7b6c79af4793cd04cbec1f0a28ec2eef0d0f11dfe86aea87fafc369be64_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e0d349969484482a2e02e5bd65b0a2a14379118935cfab29d9b875aa1fc3b28_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:aaf2dd9162077621883a3b52bd87fe3a6a86275f3fc45dafe494ab1f97b62f5a_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:879b38f0cf7fa776f298a4cee08e35f92f35f792c42fbfd2f7a03f3f50bfbef1_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:d318895fe58db2b899d76975a18bd3858d4e76a6a5de5d2917ccdf3290734d9c_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:d80ef1784f96465d305c50888176db38b2566e9991769b25445d485d47ada5b4_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:de02ae0bf1936e581f2c094188885a6678487e291874f601a403b57a06cddb2f_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d40fa988963f381718d124e59387dad32d1d958e52f63a28ac48409bdfd1eec_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:249cf561231b5a793354263fd859382229a2c700639367ba8e12979385431349_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:d7a273e837f49536edc95f79fff0cefad5419717518390433200e7cbbe299194_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:dbfa3914b34fd20a494da31e1920e926417627656f9b2761832ddbdcdd3e780e_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:04e3d5de1f21d91e7234a0d2af6e096d02b845dfc1826cdeebc642eeda67049c_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:713be73184bd943c98edd0761eae838c73ef3e2ad3c54d5236c70fe4ed62e073_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:b1be984196fa8641d129c0a70e46651448b58516220a488efcb51f8639357f7a_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:ec1c839b591a2c7b044abf21486dfc998b4434ff2c23a93cbf393b714f6dbc95_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:68dd8394cf3f44d9827cb7b8976044e23d92349262334c8def4b2d15cde7a8e3_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:06b890fc00bc1cd8cd0fb3264a0588ebc3bf8c581b1923aaa7fc56161a931b50_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:095068a422f174e35e3dfa16dc424c13e6dba5c59d2469a18fc08a1cf450e9e4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:1ffc4bdc3b1ed8296208d63545e7a97a657c0124f7c27c616f2b56424f392025_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:4974a3ced8c308d257e52162ff0c40f562650965d27df34cb6110fb6ccee7733_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:3c99722d349e2b6d640e8bf3d27c8af1705376db5a581b55abcad82487263f05_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8d7bd7a959c3d645fad27dafa83aa3267891f6c92c359be2d3e679b516b37491_amd64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:a352d682e5e375e9c4d290611353a07984f976d694cc67918883e17674ac8b8c_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:ab621b9f3ac6390e0457a7bb362be27dd071092ba247d34e341a827d392ec547_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:1d78020e8f3a383caee4e1ef7b94eabf064a79b6bf6eee75630c370d692a4f02_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:4d9d91f06898e4fe73873c29ab7caf6f5a27647d88b323eda65d64ddeba89d7b_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:5d72c559dc381d3fc815f54b5491be0a72e193e31bf800e337e19ba5d6a98746_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:db0266ed24e85f1e869f5c6c74cd968135f218eb26de51047541fac13794b7a5_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:1ec24450d98b058769d0d7846d965b3142be24a9b5cc0493f4d6be229a97e2d8_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:44147d843590342c9e7642834161a81f887d7388f689b2cf3e4f5167cf7b0cd0_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:7a55232ce85ddad2b40040eb105df730d812e421ac03a6377544e576e90ad006_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:f11cd33e6565579f4391276a875dc736e94c9da18a5ed4685d9017d48dc083e0_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:a75b8dc9936e65b2ffbcca73a47456b38e6a2dc406f39577c6646ce8d33c5238_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:16ab3024f9162cdb35e94994ddf180c6dc3ddf00a7a8dbeef439f4bd913586d7_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:387887a51d53040ab5740e4879802f1d22d517832a6ced9d23c816b8b99628dc_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:988d3b3d190f02843552bc389d25c5909b62547c2ebd2ca0b6f2cb82470dbd23_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:b681e152d1534c53b3c0eec088060dc2af74d5be33136ae7c2e19cad3d88d829_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:3b1c2089a6e83b1ae4ba64c42e882439054118f356fdd64ec916176a997ac854_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:9ce41fbe39e9483f854bcbffee9799f219aea90796062b2bd11be3440a9de525_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:a57906b3fefd8eb0fa0603cb8755278978f34d925720b8ac30098604cf0a4179_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:efb30e1aab21a9d2b68317c46e9c257c1342a0336296d9cf2702eef2300501d2_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:0c49b5b637eb960dfefbd22855f2a29690564d93b8afe52f0a437a85be919a61_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:47bff7b6c79af4793cd04cbec1f0a28ec2eef0d0f11dfe86aea87fafc369be64_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e0d349969484482a2e02e5bd65b0a2a14379118935cfab29d9b875aa1fc3b28_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:aaf2dd9162077621883a3b52bd87fe3a6a86275f3fc45dafe494ab1f97b62f5a_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:879b38f0cf7fa776f298a4cee08e35f92f35f792c42fbfd2f7a03f3f50bfbef1_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:d318895fe58db2b899d76975a18bd3858d4e76a6a5de5d2917ccdf3290734d9c_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:d80ef1784f96465d305c50888176db38b2566e9991769b25445d485d47ada5b4_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:de02ae0bf1936e581f2c094188885a6678487e291874f601a403b57a06cddb2f_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:1d40fa988963f381718d124e59387dad32d1d958e52f63a28ac48409bdfd1eec_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:249cf561231b5a793354263fd859382229a2c700639367ba8e12979385431349_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:d7a273e837f49536edc95f79fff0cefad5419717518390433200e7cbbe299194_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:dbfa3914b34fd20a494da31e1920e926417627656f9b2761832ddbdcdd3e780e_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:04e3d5de1f21d91e7234a0d2af6e096d02b845dfc1826cdeebc642eeda67049c_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:713be73184bd943c98edd0761eae838c73ef3e2ad3c54d5236c70fe4ed62e073_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:b1be984196fa8641d129c0a70e46651448b58516220a488efcb51f8639357f7a_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:ec1c839b591a2c7b044abf21486dfc998b4434ff2c23a93cbf393b714f6dbc95_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:68dd8394cf3f44d9827cb7b8976044e23d92349262334c8def4b2d15cde7a8e3_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:06b890fc00bc1cd8cd0fb3264a0588ebc3bf8c581b1923aaa7fc56161a931b50_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:095068a422f174e35e3dfa16dc424c13e6dba5c59d2469a18fc08a1cf450e9e4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:1ffc4bdc3b1ed8296208d63545e7a97a657c0124f7c27c616f2b56424f392025_ppc64le",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:4974a3ced8c308d257e52162ff0c40f562650965d27df34cb6110fb6ccee7733_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:3c99722d349e2b6d640e8bf3d27c8af1705376db5a581b55abcad82487263f05_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8d7bd7a959c3d645fad27dafa83aa3267891f6c92c359be2d3e679b516b37491_amd64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:a352d682e5e375e9c4d290611353a07984f976d694cc67918883e17674ac8b8c_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:ab621b9f3ac6390e0457a7bb362be27dd071092ba247d34e341a827d392ec547_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:1d78020e8f3a383caee4e1ef7b94eabf064a79b6bf6eee75630c370d692a4f02_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:4d9d91f06898e4fe73873c29ab7caf6f5a27647d88b323eda65d64ddeba89d7b_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:5d72c559dc381d3fc815f54b5491be0a72e193e31bf800e337e19ba5d6a98746_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:db0266ed24e85f1e869f5c6c74cd968135f218eb26de51047541fac13794b7a5_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:1ec24450d98b058769d0d7846d965b3142be24a9b5cc0493f4d6be229a97e2d8_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:44147d843590342c9e7642834161a81f887d7388f689b2cf3e4f5167cf7b0cd0_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:7a55232ce85ddad2b40040eb105df730d812e421ac03a6377544e576e90ad006_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:f11cd33e6565579f4391276a875dc736e94c9da18a5ed4685d9017d48dc083e0_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
}
]
}
RHSA-2024:2935
Vulnerability from csaf_redhat - Published: 2024-05-21 10:06 - Updated: 2026-06-02 15:09Summary
Red Hat Security Advisory: go-toolset:rhel8 security update
Severity
Important
Notes
Topic: An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.Z.EUS:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-docs-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-misc-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-race-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-src-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:golang-tests-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
11 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2935",
"url": "https://access.redhat.com/errata/RHSA-2024:2935"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2935.json"
}
],
"title": "Red Hat Security Advisory: go-toolset:rhel8 security update",
"tracking": {
"current_release_date": "2026-06-02T15:09:40+00:00",
"generator": {
"date": "2026-06-02T15:09:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:2935",
"initial_release_date": "2024-05-21T10:06:56+00:00",
"revision_history": [
{
"date": "2024-05-21T10:06:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-21T10:06:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:09:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.6::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"product": {
"name": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src (go-toolset:rhel8)",
"product_id": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.7.2-1.module%2Bel8.6.0%2B12972%2Bebab5911?arch=src\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.src (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.17.13-1.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=src\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"product": {
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.src (go-toolset:rhel8)",
"product_id": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=src\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64 (go-toolset:rhel8)",
"product_id": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.7.2-1.module%2Bel8.6.0%2B12972%2Bebab5911?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.7.2-1.module%2Bel8.6.0%2B12972%2Bebab5911?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.7.2-1.module%2Bel8.6.0%2B12972%2Bebab5911?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.x86_64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.17.13-1.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64 (go-toolset:rhel8)",
"product_id": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64 (go-toolset:rhel8)",
"product_id": "golang-race-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"product": {
"name": "golang-docs-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch (go-toolset:rhel8)",
"product_id": "golang-docs-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=noarch\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"product": {
"name": "golang-misc-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch (go-toolset:rhel8)",
"product_id": "golang-misc-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=noarch\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"product": {
"name": "golang-src-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch (go-toolset:rhel8)",
"product_id": "golang-src-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=noarch\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"product": {
"name": "golang-tests-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch (go-toolset:rhel8)",
"product_id": "golang-tests-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=noarch\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.aarch64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.17.13-1.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64 (go-toolset:rhel8)",
"product_id": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.ppc64le (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.17.13-1.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le (go-toolset:rhel8)",
"product_id": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.s390x (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.17.13-1.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=s390x\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"product": {
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x (go-toolset:rhel8)",
"product_id": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=s390x\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.17.13-3.module%2Bel8.6.0%2B21758%2Bc87a29d6?arch=s390x\u0026rpmmod=go-toolset:rhel8:8060020240426233308:97d7f71f"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8"
},
"product_reference": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8"
},
"product_reference": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8"
},
"product_reference": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-docs-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8"
},
"product_reference": "golang-docs-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-misc-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8"
},
"product_reference": "golang-misc-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-race-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-src-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8"
},
"product_reference": "golang-src-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:golang-tests-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8"
},
"product_reference": "golang-tests-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.EUS:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-docs-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-misc-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-race-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-src-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-tests-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T10:06:56+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.EUS:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-docs-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-misc-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-race-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-src-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-tests-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2935"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"AppStream-8.6.0.Z.EUS:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-docs-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-misc-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-race-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-src-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-tests-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.EUS:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:go-toolset-0:1.17.13-1.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.src::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.s390x::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-bin-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-docs-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-misc-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-race-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-src-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8",
"AppStream-8.6.0.Z.EUS:golang-tests-0:1.17.13-3.module+el8.6.0+21758+c87a29d6.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
}
]
}
RHSA-2024:2936
Vulnerability from csaf_redhat - Published: 2024-05-21 10:06 - Updated: 2026-06-02 15:09Summary
Red Hat Security Advisory: go-toolset:rhel8 security update
Severity
Important
Notes
Topic: An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-docs-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-misc-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-race-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-src-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:golang-tests-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
11 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2936",
"url": "https://access.redhat.com/errata/RHSA-2024:2936"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2936.json"
}
],
"title": "Red Hat Security Advisory: go-toolset:rhel8 security update",
"tracking": {
"current_release_date": "2026-06-02T15:09:41+00:00",
"generator": {
"date": "2026-06-02T15:09:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:2936",
"initial_release_date": "2024-05-21T10:06:56+00:00",
"revision_history": [
{
"date": "2024-05-21T10:06:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-21T10:06:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:09:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"product": {
"name": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src (go-toolset:rhel8)",
"product_id": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.9.1-1.module%2Bel8.8.0%2B16778%2B5fbb74f5?arch=src\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.module%2Bel8.8.0%2B20380%2B7171fefb?arch=src\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.src::go-toolset:rhel8",
"product": {
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.src (go-toolset:rhel8)",
"product_id": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=src\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64 (go-toolset:rhel8)",
"product_id": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.9.1-1.module%2Bel8.8.0%2B16778%2B5fbb74f5?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.9.1-1.module%2Bel8.8.0%2B16778%2B5fbb74f5?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.9.1-1.module%2Bel8.8.0%2B16778%2B5fbb74f5?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.module%2Bel8.8.0%2B20380%2B7171fefb?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64 (go-toolset:rhel8)",
"product_id": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64 (go-toolset:rhel8)",
"product_id": "golang-race-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"product": {
"name": "golang-docs-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch (go-toolset:rhel8)",
"product_id": "golang-docs-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=noarch\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"product": {
"name": "golang-misc-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch (go-toolset:rhel8)",
"product_id": "golang-misc-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=noarch\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"product": {
"name": "golang-src-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch (go-toolset:rhel8)",
"product_id": "golang-src-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=noarch\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"product": {
"name": "golang-tests-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch (go-toolset:rhel8)",
"product_id": "golang-tests-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=noarch\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.module%2Bel8.8.0%2B20380%2B7171fefb?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64 (go-toolset:rhel8)",
"product_id": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.module%2Bel8.8.0%2B20380%2B7171fefb?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le (go-toolset:rhel8)",
"product_id": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.19.13-1.module%2Bel8.8.0%2B20380%2B7171fefb?arch=s390x\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"product": {
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x (go-toolset:rhel8)",
"product_id": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=s390x\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.19.13-7.module%2Bel8.8.0%2B21782%2B8d42ce3c?arch=s390x\u0026rpmmod=go-toolset:rhel8:8080020240506114235:6b4b45d8"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8"
},
"product_reference": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8"
},
"product_reference": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.src::go-toolset:rhel8"
},
"product_reference": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-docs-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8"
},
"product_reference": "golang-docs-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-misc-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8"
},
"product_reference": "golang-misc-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-race-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-src-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8"
},
"product_reference": "golang-src-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:golang-tests-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8"
},
"product_reference": "golang-tests-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-docs-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-misc-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-race-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-src-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-tests-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T10:06:56+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-docs-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-misc-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-race-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-src-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-tests-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2936"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"AppStream-8.8.0.Z.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-docs-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-misc-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-race-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-src-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-tests-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:delve-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:delve-debuginfo-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:delve-debugsource-0:1.9.1-1.module+el8.8.0+16778+5fbb74f5.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:go-toolset-0:1.19.13-1.module+el8.8.0+20380+7171fefb.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.src::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.aarch64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.ppc64le::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.s390x::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-bin-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-docs-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-misc-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-race-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.x86_64::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-src-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8",
"AppStream-8.8.0.Z.EUS:golang-tests-0:1.19.13-7.module+el8.8.0+21782+8d42ce3c.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
}
]
}
RHSA-2024:2941
Vulnerability from csaf_redhat - Published: 2024-05-21 09:58 - Updated: 2026-06-12 14:44Summary
Red Hat Security Advisory: RHACS 4.4 enhancement and security update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes changes, bug fixes, and updates to patch vulnerabilities.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of RHACS 4.4.2 provides the following bug fixes:
* Before this update, Collector pods on nodes with 128 or more cores would fail with a `CrashLoopBackOff` status due to issues with how the CO-RE BPF allocated kernel memory. The patch release fixes this issue.
* This release updates the Scanner baseline vulnerability data to address changes made to the Red Hat security data feeds that were not compatible with earlier data from Scanner’s scheduled feed processing. This fixes various issues where vulnerabilities were detected for images containing packages that were incorrectly indicated as affected by a vulnerability.
* This release fixes a crash and rendering error in the network graph that occurs when Central is running an RHACS release of 4.3.6 or earlier and Sensor is running an RHACS release of 4.4.0 or later.
* Previously, RHACS did not update the alerts when violations changed. This release fixes the issue, and RHACS correctly updates the alerts when violations change.
This release provides the following changes:
* The default telemetry endpoint is now set to a Red Hat proxy.
* This release includes a new environment variable, ROX_API_TOKEN_FILE, that you can use to pass your API’s token file path to the `roxctl` CLI.
This releases updates the following items to patch vulnerabilities:
* (CVE-2023-45288) Go has been updated to release 1.21.9.
* (CVE-2023-45288) The `golang.org/x/net` module has been updated from release v0.22.0 to v0.23.0.
* (CVE-2024-29180) webpack-dev-middleware module has been updated form version 5.3.3 to 5.3.4.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
39 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in Go's net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
5.3 (Medium)
Affected products
Fixed
39 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was discovered in Go's net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.
5.3 (Medium)
Affected products
Fixed
39 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.
5.9 (Medium)
Affected products
Fixed
39 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go's net/mail standard library package. The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using different parsers.
5.4 (Medium)
Affected products
Fixed
39 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.
7.4 (High)
Affected products
Fixed
39 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
45 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes changes, bug fixes, and updates to patch vulnerabilities.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 4.4.2 provides the following bug fixes:\n\n* Before this update, Collector pods on nodes with 128 or more cores would fail with a `CrashLoopBackOff` status due to issues with how the CO-RE BPF allocated kernel memory. The patch release fixes this issue.\n* This release updates the Scanner baseline vulnerability data to address changes made to the Red Hat security data feeds that were not compatible with earlier data from Scanner\u2019s scheduled feed processing. This fixes various issues where vulnerabilities were detected for images containing packages that were incorrectly indicated as affected by a vulnerability.\n* This release fixes a crash and rendering error in the network graph that occurs when Central is running an RHACS release of 4.3.6 or earlier and Sensor is running an RHACS release of 4.4.0 or later.\n* Previously, RHACS did not update the alerts when violations changed. This release fixes the issue, and RHACS correctly updates the alerts when violations change.\n\nThis release provides the following changes:\n\n* The default telemetry endpoint is now set to a Red Hat proxy.\n* This release includes a new environment variable, ROX_API_TOKEN_FILE, that you can use to pass your API\u2019s token file path to the `roxctl` CLI.\n\nThis releases updates the following items to patch vulnerabilities:\n\n* (CVE-2023-45288) Go has been updated to release 1.21.9.\n* (CVE-2023-45288) The `golang.org/x/net` module has been updated from release v0.22.0 to v0.23.0.\n* (CVE-2024-29180) webpack-dev-middleware module has been updated form version 5.3.3 to 5.3.4.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2941",
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html",
"url": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html"
},
{
"category": "external",
"summary": "2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2941.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.4 enhancement and security update",
"tracking": {
"current_release_date": "2026-06-12T14:44:28+00:00",
"generator": {
"date": "2026-06-12T14:44:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2024:2941",
"initial_release_date": "2024-05-21T09:58:45+00:00",
"revision_history": [
{
"date": "2024-05-21T09:58:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-21T09:58:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-12T14:44:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.4 for RHEL 8",
"product": {
"name": "RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.2-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.2-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.2-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T09:58:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to patch release 4.4.2.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
},
{
"cve": "CVE-2023-45289",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45289"
},
{
"category": "external",
"summary": "RHBZ#2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T09:58:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to patch release 4.4.2.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect"
},
{
"cve": "CVE-2023-45290",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268017"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Go\u0027s net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45290"
},
{
"category": "external",
"summary": "RHBZ#2268017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268017"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://go.dev/cl/569341",
"url": "https://go.dev/cl/569341"
},
{
"category": "external",
"summary": "https://go.dev/issue/65383",
"url": "https://go.dev/issue/65383"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2599",
"url": "https://pkg.go.dev/vuln/GO-2024-2599"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0004",
"url": "https://security.netapp.com/advisory/ntap-20240329-0004"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T09:58:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to patch release 4.4.2.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm"
},
{
"cve": "CVE-2024-24783",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268019"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24783"
},
{
"category": "external",
"summary": "RHBZ#2268019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp",
"url": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp"
},
{
"category": "external",
"summary": "https://go.dev/cl/569339",
"url": "https://go.dev/cl/569339"
},
{
"category": "external",
"summary": "https://go.dev/issue/65390",
"url": "https://go.dev/issue/65390"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2598",
"url": "https://pkg.go.dev/vuln/GO-2024-2598"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0005",
"url": "https://security.netapp.com/advisory/ntap-20240329-0005"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T09:58:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to patch release 4.4.2.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm"
},
{
"cve": "CVE-2024-24784",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268021"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/mail standard library package. The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using different parsers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/mail: comments in display names are incorrectly handled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24784"
},
{
"category": "external",
"summary": "RHBZ#2268021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268021"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T09:58:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to patch release 4.4.2.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/mail: comments in display names are incorrectly handled"
},
{
"cve": "CVE-2024-29180",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270863"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer\u0027s machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack-dev-middleware: lack of URL validation may lead to file leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in webpack-dev represents a important security issue due to its potential to expose sensitive files and compromise developer machines. By failing to validate URLs and normalize paths effectively, the middleware allows attackers to craft malicious requests that can retrieve arbitrary local files or perform unauthorized path traversal. This could lead to unauthorized access to confidential information, including source code, configuration files, and even system-level files. Given the widespread use of webpack-dev-middleware in web development environments, addressing this vulnerability promptly is important to prevent serious data breaches and protect the integrity of development processes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29180"
},
{
"category": "external",
"summary": "RHBZ#2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6",
"url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T09:58:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to patch release 4.4.2.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "webpack-dev-middleware: lack of URL validation may lead to file leak"
}
]
}
RHSA-2024:3259
Vulnerability from csaf_redhat - Published: 2024-05-22 11:47 - Updated: 2026-06-12 14:44Summary
Red Hat Security Advisory: go-toolset:rhel8 security update
Severity
Important
Notes
Topic: An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
* golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (CVE-2023-45289)
* golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)
* golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783)
* golang: net/mail: comments in display names are incorrectly handled (CVE-2024-24784)
* golang: html/template: errors returned from MarshalJSON methods may break template escaping (CVE-2024-24785)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in Go's net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
5.3 (Medium)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was discovered in Go's net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.
5.3 (Medium)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.
5.9 (Medium)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go's net/mail standard library package. The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using different parsers.
5.4 (Medium)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go's html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into templates.
6.5 (Medium)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
50 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)\n\n* golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (CVE-2023-45289)\n\n* golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)\n\n* golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783)\n\n* golang: net/mail: comments in display names are incorrectly handled (CVE-2024-24784)\n\n* golang: html/template: errors returned from MarshalJSON methods may break template escaping (CVE-2024-24785)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:3259",
"url": "https://access.redhat.com/errata/RHSA-2024:3259"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2268017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268017"
},
{
"category": "external",
"summary": "2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "2268019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268019"
},
{
"category": "external",
"summary": "2268021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268021"
},
{
"category": "external",
"summary": "2268022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268022"
},
{
"category": "external",
"summary": "2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3259.json"
}
],
"title": "Red Hat Security Advisory: go-toolset:rhel8 security update",
"tracking": {
"current_release_date": "2026-06-12T14:44:27+00:00",
"generator": {
"date": "2026-06-12T14:44:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2024:3259",
"initial_release_date": "2024-05-22T11:47:21+00:00",
"revision_history": [
{
"date": "2024-05-22T11:47:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-22T11:47:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-12T14:44:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"product": {
"name": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src (go-toolset:rhel8)",
"product_id": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.21.2-3.module%2Bel8.10.0%2B21244%2B5b2d9000?arch=src\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=src\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"product": {
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src (go-toolset:rhel8)",
"product_id": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=src\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"product": {
"name": "golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch (go-toolset:rhel8)",
"product_id": "golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"product": {
"name": "golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch (go-toolset:rhel8)",
"product_id": "golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"product": {
"name": "golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch (go-toolset:rhel8)",
"product_id": "golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"product": {
"name": "golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch (go-toolset:rhel8)",
"product_id": "golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64 (go-toolset:rhel8)",
"product_id": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.21.2-3.module%2Bel8.10.0%2B21244%2B5b2d9000?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.21.2-3.module%2Bel8.10.0%2B21244%2B5b2d9000?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.21.2-3.module%2Bel8.10.0%2B21244%2B5b2d9000?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64 (go-toolset:rhel8)",
"product_id": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"product": {
"name": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le (go-toolset:rhel8)",
"product_id": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.21.2-3.module%2Bel8.10.0%2B21244%2B5b2d9000?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.21.2-3.module%2Bel8.10.0%2B21244%2B5b2d9000?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.21.2-3.module%2Bel8.10.0%2B21244%2B5b2d9000?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le (go-toolset:rhel8)",
"product_id": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64 (go-toolset:rhel8)",
"product_id": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.21.2-3.module%2Bel8.10.0%2B21244%2B5b2d9000?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.21.2-3.module%2Bel8.10.0%2B21244%2B5b2d9000?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.21.2-3.module%2Bel8.10.0%2B21244%2B5b2d9000?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64 (go-toolset:rhel8)",
"product_id": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"product": {
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x (go-toolset:rhel8)",
"product_id": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.21.9-1.module%2Bel8.10.0%2B21671%2Bb35c3b78?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020240412145753:a3795dee"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8"
},
"product_reference": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8"
},
"product_reference": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8"
},
"product_reference": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8"
},
"product_reference": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
},
"product_reference": "golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
},
"product_reference": "golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
},
"product_reference": "golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
},
"product_reference": "golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T11:47:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3259"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
},
{
"cve": "CVE-2023-45289",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45289"
},
{
"category": "external",
"summary": "RHBZ#2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T11:47:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3259"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect"
},
{
"cve": "CVE-2023-45290",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268017"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Go\u0027s net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45290"
},
{
"category": "external",
"summary": "RHBZ#2268017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268017"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://go.dev/cl/569341",
"url": "https://go.dev/cl/569341"
},
{
"category": "external",
"summary": "https://go.dev/issue/65383",
"url": "https://go.dev/issue/65383"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2599",
"url": "https://pkg.go.dev/vuln/GO-2024-2599"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0004",
"url": "https://security.netapp.com/advisory/ntap-20240329-0004"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T11:47:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3259"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm"
},
{
"cve": "CVE-2024-24783",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268019"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24783"
},
{
"category": "external",
"summary": "RHBZ#2268019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp",
"url": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp"
},
{
"category": "external",
"summary": "https://go.dev/cl/569339",
"url": "https://go.dev/cl/569339"
},
{
"category": "external",
"summary": "https://go.dev/issue/65390",
"url": "https://go.dev/issue/65390"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2598",
"url": "https://pkg.go.dev/vuln/GO-2024-2598"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0005",
"url": "https://security.netapp.com/advisory/ntap-20240329-0005"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T11:47:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3259"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm"
},
{
"cve": "CVE-2024-24784",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268021"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/mail standard library package. The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using different parsers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/mail: comments in display names are incorrectly handled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24784"
},
{
"category": "external",
"summary": "RHBZ#2268021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268021"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T11:47:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3259"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/mail: comments in display names are incorrectly handled"
},
{
"cve": "CVE-2024-24785",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into templates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: errors returned from MarshalJSON methods may break template escaping",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24785"
},
{
"category": "external",
"summary": "RHBZ#2268022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785"
},
{
"category": "external",
"summary": "https://go.dev/cl/564196",
"url": "https://go.dev/cl/564196"
},
{
"category": "external",
"summary": "https://go.dev/issue/65697",
"url": "https://go.dev/issue/65697"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2024-2610.json",
"url": "https://vuln.go.dev/ID/GO-2024-2610.json"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T11:47:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3259"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.21.2-3.module+el8.10.0+21244+5b2d9000.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.21.9-1.module+el8.10.0+21671+b35c3b78.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: errors returned from MarshalJSON methods may break template escaping"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…