Vulnerability-Lookup

CVE-2023-45289 (GCVE-0-2023-45289)

Vulnerability from cvelistv5 – Published: 2024-03-05 22:22 – Updated: 2025-02-13 17:14

Title

Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

Summary

When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.

Severity

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer

Assigner

References

6 references

URL	Tags
https://go.dev/issue/65065
https://go.dev/cl/569340
https://groups.google.com/g/golang-announce/c/5pw…
https://pkg.go.dev/vuln/GO-2024-2600
https://security.netapp.com/advisory/ntap-2024032…
http://www.openwall.com/lists/oss-security/2024/03/08/4

Impacted products

2 products

Vendor	Product	Version
Go standard library	net/http	Affected: 0 , < 1.21.8 (semver) Affected: 1.22.0-0 , < 1.22.1 (semver)
Go standard library	net/http/cookiejar	Affected: 0 , < 1.21.8 (semver) Affected: 1.22.0-0 , < 1.22.1 (semver)

Credits

Juho Nurminen of Mattermost

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 4.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-45289",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-06T16:34:47.460894Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-04T18:24:28.343Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:21:15.333Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/issue/65065"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/cl/569340"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://pkg.go.dev/vuln/GO-2024-2600"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240329-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "net/http",
          "product": "net/http",
          "programRoutines": [
            {
              "name": "isDomainOrSubdomain"
            },
            {
              "name": "Client.Do"
            },
            {
              "name": "Client.Get"
            },
            {
              "name": "Client.Head"
            },
            {
              "name": "Client.Post"
            },
            {
              "name": "Client.PostForm"
            },
            {
              "name": "Get"
            },
            {
              "name": "Head"
            },
            {
              "name": "Post"
            },
            {
              "name": "PostForm"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.21.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.22.1",
              "status": "affected",
              "version": "1.22.0-0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "net/http/cookiejar",
          "product": "net/http/cookiejar",
          "programRoutines": [
            {
              "name": "isIP"
            },
            {
              "name": "Jar.Cookies"
            },
            {
              "name": "Jar.SetCookies"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.21.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.22.1",
              "status": "affected",
              "version": "1.22.0-0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Juho Nurminen of Mattermost"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-01T17:09:39.339Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/issue/65065"
        },
        {
          "url": "https://go.dev/cl/569340"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2024-2600"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240329-0006/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
        }
      ],
      "title": "Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2023-45289",
    "datePublished": "2024-03-05T22:22:30.306Z",
    "dateReserved": "2023-10-06T17:06:26.221Z",
    "dateUpdated": "2025-02-13T17:14:01.755Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-45289",
      "date": "2026-06-11",
      "epss": "0.00615",
      "percentile": "0.70393"
    },
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \\\"Authorization\\\" or \\\"Cookie\\\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.\"}, {\"lang\": \"es\", \"value\": \"Al seguir una redirecci\\u00f3n HTTP a un dominio que no es una coincidencia de subdominio o una coincidencia exacta del dominio inicial, un cliente http.no reenv\\u00eda encabezados confidenciales como \\\"Autorizaci\\u00f3n\\\" o \\\"Cookie\\\". Por ejemplo, una redirecci\\u00f3n de foo.com a www.foo.com reenviar\\u00e1 el encabezado de Autorizaci\\u00f3n, pero una redirecci\\u00f3n a bar.com no. Una redirecci\\u00f3n HTTP creada con fines malintencionados podr\\u00eda provocar que se reenv\\u00eden inesperadamente encabezados confidenciales.\"}]",
      "id": "CVE-2023-45289",
      "lastModified": "2024-11-21T08:26:42.620",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}]}",
      "published": "2024-03-05T23:15:07.137",
      "references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/08/4\", \"source\": \"security@golang.org\"}, {\"url\": \"https://go.dev/cl/569340\", \"source\": \"security@golang.org\"}, {\"url\": \"https://go.dev/issue/65065\", \"source\": \"security@golang.org\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg\", \"source\": \"security@golang.org\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-2600\", \"source\": \"security@golang.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240329-0006/\", \"source\": \"security@golang.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/08/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://go.dev/cl/569340\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://go.dev/issue/65065\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-2600\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240329-0006/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security@golang.org",
      "vulnStatus": "Awaiting Analysis"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-45289\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2024-03-05T23:15:07.137\",\"lastModified\":\"2024-11-21T08:26:42.620\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \\\"Authorization\\\" or \\\"Cookie\\\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.\"},{\"lang\":\"es\",\"value\":\"Al seguir una redirecci\u00f3n HTTP a un dominio que no es una coincidencia de subdominio o una coincidencia exacta del dominio inicial, un cliente http.no reenv\u00eda encabezados confidenciales como \\\"Autorizaci\u00f3n\\\" o \\\"Cookie\\\". Por ejemplo, una redirecci\u00f3n de foo.com a www.foo.com reenviar\u00e1 el encabezado de Autorizaci\u00f3n, pero una redirecci\u00f3n a bar.com no. Una redirecci\u00f3n HTTP creada con fines malintencionados podr\u00eda provocar que se reenv\u00eden inesperadamente encabezados confidenciales.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2024/03/08/4\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/cl/569340\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/issue/65065\",\"source\":\"security@golang.org\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2024-2600\",\"source\":\"security@golang.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240329-0006/\",\"source\":\"security@golang.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/03/08/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://go.dev/cl/569340\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://go.dev/issue/65065\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2024-2600\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240329-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://go.dev/issue/65065\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://go.dev/cl/569340\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-2600\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240329-0006/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/08/4\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T20:21:15.333Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-45289\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-06T16:34:47.460894Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:11.406Z\"}}], \"cna\": {\"title\": \"Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http\", \"credits\": [{\"lang\": \"en\", \"value\": \"Juho Nurminen of Mattermost\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"net/http\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.21.8\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.22.0-0\", \"lessThan\": \"1.22.1\", \"versionType\": \"semver\"}], \"packageName\": \"net/http\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"isDomainOrSubdomain\"}, {\"name\": \"Client.Do\"}, {\"name\": \"Client.Get\"}, {\"name\": \"Client.Head\"}, {\"name\": \"Client.Post\"}, {\"name\": \"Client.PostForm\"}, {\"name\": \"Get\"}, {\"name\": \"Head\"}, {\"name\": \"Post\"}, {\"name\": \"PostForm\"}]}, {\"vendor\": \"Go standard library\", \"product\": \"net/http/cookiejar\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.21.8\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.22.0-0\", \"lessThan\": \"1.22.1\", \"versionType\": \"semver\"}], \"packageName\": \"net/http/cookiejar\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"isIP\"}, {\"name\": \"Jar.Cookies\"}, {\"name\": \"Jar.SetCookies\"}]}], \"references\": [{\"url\": \"https://go.dev/issue/65065\"}, {\"url\": \"https://go.dev/cl/569340\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-2600\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240329-0006/\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/08/4\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \\\"Authorization\\\" or \\\"Cookie\\\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2024-05-01T17:09:39.339Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-45289\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T17:14:01.755Z\", \"dateReserved\": \"2023-10-06T17:06:26.221Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2024-03-05T22:22:30.306Z\", \"assignerShortName\": \"Go\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

WID-SEC-W-2024-1474

Vulnerability from csaf_certbund - Published: 2024-06-27 22:00 - Updated: 2025-08-26 22:00

Summary

Red Hat OpenShift Container Platform: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.

Angriff: Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder Daten zu manipulieren.

Betroffene Betriebssysteme: - Linux

CVE-2019-25210

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-29483

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-45142

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-45289

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-45290

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-47108

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-48795

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-52425

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-0874

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-1394

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-22189

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-2398

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-24783

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-24784

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-24785

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-24786

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-28110

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-28176

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-28180

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-28757

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-28849

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-29180

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-3177

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-3727

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

References

66 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2024:0040	external
https://access.redhat.com/errata/RHSA-2024:0041	external
https://access.redhat.com/errata/RHSA-2024:0043	external
https://access.redhat.com/errata/RHSA-2024:0045	external
https://access.redhat.com/errata/RHSA-2024:3637	external
https://access.redhat.com/errata/RHSA-2024:3617	external
https://access.redhat.com/errata/RHSA-2024:1616	external
https://errata.build.resf.org/RLSA-2024:3968	external
https://access.redhat.com/errata/RHSA-2024:4150	external
https://access.redhat.com/errata/RHSA-2024:4159	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://access.redhat.com/errata/RHSA-2024:4591	external
https://access.redhat.com/errata/RHSA-2024:4613	external
https://access.redhat.com/errata/RHSA-2024:4699	external
https://access.redhat.com/errata/RHSA-2024:4850	external
https://access.redhat.com/errata/RHSA-2024:4846	external
https://access.redhat.com/errata/RHSA-2024:4960	external
https://access.redhat.com/errata/RHSA-2024:5094	external
https://access.redhat.com/errata/RHSA-2024:5258	external
https://alas.aws.amazon.com/AL2/ALASNITRO-ENCLAVE…	external
https://access.redhat.com/errata/RHSA-2024:5294	external
https://linux.oracle.com/errata/ELSA-2024-5294.html	external
https://linux.oracle.com/errata/ELSA-2024-5258.html	external
https://access.redhat.com/errata/RHSA-2024:5200	external
https://access.redhat.com/errata/RHSA-2024:5202	external
https://access.redhat.com/errata/RHSA-2024:5438	external
https://access.redhat.com/errata/RHSA-2024:5951	external
https://access.redhat.com/errata/RHSA-2024:6054	external
https://access.redhat.com/errata/RHSA-2024:6708	external
https://access.redhat.com/errata/RHSA-2024:6755	external
https://access.redhat.com/errata/RHSA-2024:6687	external
https://access.redhat.com/errata/RHSA-2024:6824	external
https://access.redhat.com/errata/RHSA-2024:7164	external
https://access.redhat.com/errata/RHSA-2024:7179	external
https://access.redhat.com/errata/RHSA-2024:7174	external
https://access.redhat.com/errata/RHSA-2024:7182	external
https://access.redhat.com/errata/RHSA-2024:3718	external
https://access.redhat.com/errata/RHSA-2024:7436	external
https://access.redhat.com/errata/RHSA-2024:3717	external
https://access.redhat.com/errata/RHSA-2024:7187	external
https://access.redhat.com/errata/RHSA-2024:7184	external
https://access.redhat.com/errata/RHSA-2024:7323	external
https://access.redhat.com/errata/RHSA-2024:8040	external
https://access.redhat.com/errata/RHSA-2024:7922	external
https://access.redhat.com/errata/RHSA-2024:7941	external
https://access.redhat.com/errata/RHSA-2024:8260	external
https://access.redhat.com/errata/RHSA-2024:8534	external
https://access.redhat.com/errata/RHSA-2024:8434	external
https://access.redhat.com/errata/RHSA-2024:8425	external
https://access.redhat.com/errata/RHSA-2024:8676	external
https://access.redhat.com/errata/RHSA-2024:9181	external
https://access.redhat.com/errata/RHSA-2024:9098	external
https://access.redhat.com/errata/RHSA-2024:9097	external
https://access.redhat.com/errata/RHSA-2024:9102	external
https://access.redhat.com/errata/RHSA-2024:9960	external
https://access.redhat.com/errata/RHSA-2024:9615	external
https://access.redhat.com/errata/RHSA-2024:10147	external
https://access.redhat.com/errata/RHSA-2024:8704	external
https://access.redhat.com/errata/RHSA-2024:11293	external
https://access.redhat.com/errata/RHSA-2024:6122	external
https://access.redhat.com/errata/RHSA-2025:4019	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.opensuse.org/archives/list/security…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1474 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1474.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1474 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1474"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0040 vom 2024-06-27",
        "url": "https://access.redhat.com/errata/RHSA-2024:0040"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0041 vom 2024-06-27",
        "url": "https://access.redhat.com/errata/RHSA-2024:0041"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0043 vom 2024-06-27",
        "url": "https://access.redhat.com/errata/RHSA-2024:0043"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0045 vom 2024-06-27",
        "url": "https://access.redhat.com/errata/RHSA-2024:0045"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3637 vom 2024-07-01",
        "url": "https://access.redhat.com/errata/RHSA-2024:3637"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3617 vom 2024-07-01",
        "url": "https://access.redhat.com/errata/RHSA-2024:3617"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1616 vom 2024-07-01",
        "url": "https://access.redhat.com/errata/RHSA-2024:1616"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:3968 vom 2024-07-02",
        "url": "https://errata.build.resf.org/RLSA-2024:3968"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4150 vom 2024-07-03",
        "url": "https://access.redhat.com/errata/RHSA-2024:4150"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4159 vom 2024-07-03",
        "url": "https://access.redhat.com/errata/RHSA-2024:4159"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-BD8FE42929 vom 2024-07-06",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-bd8fe42929"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4591 vom 2024-07-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:4591"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4613 vom 2024-07-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:4613"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4699 vom 2024-07-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:4699"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4850 vom 2024-07-31",
        "url": "https://access.redhat.com/errata/RHSA-2024:4850"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4846 vom 2024-07-31",
        "url": "https://access.redhat.com/errata/RHSA-2024:4846"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4960 vom 2024-08-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:4960"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5094 vom 2024-08-08",
        "url": "https://access.redhat.com/errata/RHSA-2024:5094"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5258 vom 2024-08-13",
        "url": "https://access.redhat.com/errata/RHSA-2024:5258"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASNITRO-ENCLAVES-2024-042 vom 2024-08-13",
        "url": "https://alas.aws.amazon.com/AL2/ALASNITRO-ENCLAVES-2024-042.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5294 vom 2024-08-14",
        "url": "https://access.redhat.com/errata/RHSA-2024:5294"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-5294 vom 2024-08-14",
        "url": "https://linux.oracle.com/errata/ELSA-2024-5294.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-5258 vom 2024-08-14",
        "url": "https://linux.oracle.com/errata/ELSA-2024-5258.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5200 vom 2024-08-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:5200"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5202 vom 2024-08-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:5202"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5438 vom 2024-08-21",
        "url": "https://access.redhat.com/errata/RHSA-2024:5438"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5951 vom 2024-08-28",
        "url": "https://access.redhat.com/errata/RHSA-2024:5951"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6054 vom 2024-08-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:6054"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6708 vom 2024-09-16",
        "url": "https://access.redhat.com/errata/RHSA-2024:6708"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6755 vom 2024-09-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:6755"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6687 vom 2024-09-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:6687"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6824 vom 2024-09-24",
        "url": "https://access.redhat.com/errata/RHSA-2024:6824"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7164 vom 2024-09-26",
        "url": "https://access.redhat.com/errata/RHSA-2024:7164"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7179 vom 2024-10-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:7179"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7174 vom 2024-10-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:7174"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7179 vom 2024-10-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:7182"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3718 vom 2024-10-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:3718"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7436 vom 2024-10-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:7436"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3717 vom 2024-10-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:3717"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7187 vom 2024-10-03",
        "url": "https://access.redhat.com/errata/RHSA-2024:7187"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7184 vom 2024-10-03",
        "url": "https://access.redhat.com/errata/RHSA-2024:7184"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7323 vom 2024-10-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:7323"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8040 vom 2024-10-14",
        "url": "https://access.redhat.com/errata/RHSA-2024:8040"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7922 vom 2024-10-16",
        "url": "https://access.redhat.com/errata/RHSA-2024:7922"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7939 vom 2024-10-16",
        "url": "https://access.redhat.com/errata/RHSA-2024:7941"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8260 vom 2024-10-24",
        "url": "https://access.redhat.com/errata/RHSA-2024:8260"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8534 vom 2024-10-28",
        "url": "https://access.redhat.com/errata/RHSA-2024:8534"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8434 vom 2024-10-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:8434"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8425 vom 2024-10-31",
        "url": "https://access.redhat.com/errata/RHSA-2024:8425"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8676 vom 2024-10-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:8676"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9181 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9181"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9098 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9098"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9097 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9097"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9102 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9102"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9960 vom 2024-11-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:9960"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9615 vom 2024-11-20",
        "url": "https://access.redhat.com/errata/RHSA-2024:9615"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:10147 vom 2024-11-26",
        "url": "https://access.redhat.com/errata/RHSA-2024:10147"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8704 vom 2024-12-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:8704"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:11293 vom 2024-12-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:11293"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6122 vom 2025-02-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:6122"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:4019 vom 2025-04-23",
        "url": "https://access.redhat.com/errata/RHSA-2025:4019"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20013-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021364.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20055-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021310.html"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:0323-1 vom 2025-08-26",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TAOZOXVVSHLUMSNGQ4WCSWQAB5DM7EZH/"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat OpenShift Container Platform: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-08-26T22:00:00.000+00:00",
      "generator": {
        "date": "2025-08-27T11:46:37.250+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2024-1474",
      "initial_release_date": "2024-06-27T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-06-27T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-06-30T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-02T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation und Red Hat aufgenommen"
        },
        {
          "date": "2024-07-03T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-07T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2024-07-17T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-24T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-25T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-30T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-31T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-07T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-12T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-13T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2024-08-14T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-08-18T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-20T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-28T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-29T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-09-16T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-09-18T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-09-24T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-09-25T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-01T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-03T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-07T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-13T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-15T22:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-16T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-23T22:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-28T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-29T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-30T23:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-11T23:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-18T23:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-19T23:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-26T23:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-12-02T23:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-12-17T23:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-24T23:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-04-22T22:00:00.000+00:00",
          "number": "40",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-06-04T22:00:00.000+00:00",
          "number": "41",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-08-26T22:00:00.000+00:00",
          "number": "42",
          "summary": "Neue Updates von openSUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "42"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Ansible Automation Platform",
            "product": {
              "name": "Red Hat Ansible Automation Platform",
              "product_id": "T031834",
              "product_identification_helper": {
                "cpe": "cpe:/a:redhat:ansible_automation_platform:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Advanced Cluster Security for Kubernetes 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4",
                  "product_id": "T027916",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Advanced Cluster Security for Kubernetes 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4",
                  "product_id": "T033787",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Secondary Scheduler Operator",
                "product": {
                  "name": "Red Hat OpenShift Secondary Scheduler Operator",
                  "product_id": "T027759",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:::secondary_scheduler_operator"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Kube Descheduler Operator 5",
                "product": {
                  "name": "Red Hat OpenShift Kube Descheduler Operator 5",
                  "product_id": "T033270",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:kube_descheduler_operator_5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.16.0",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.16.0",
                  "product_id": "T035697"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.16.0",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.16.0",
                  "product_id": "T035697-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.16.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Run Once Duration Override Operator 1",
                "product": {
                  "name": "Red Hat OpenShift Run Once Duration Override Operator 1",
                  "product_id": "T035698",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:run_once_duration_override_operator_1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.16.1",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.16.1",
                  "product_id": "T035804"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.16.1",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.16.1",
                  "product_id": "T035804-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.16.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.12.63",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.12.63",
                  "product_id": "T036942"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.12.63",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.12.63",
                  "product_id": "T036942-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.12.63"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.15.28",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.15.28",
                  "product_id": "T036960"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.15.28",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.15.28",
                  "product_id": "T036960-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.15.28"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Virtualization \u003c4.15.5",
                "product": {
                  "name": "Red Hat OpenShift Virtualization \u003c4.15.5",
                  "product_id": "T037141"
                }
              },
              {
                "category": "product_version",
                "name": "Virtualization 4.15.5",
                "product": {
                  "name": "Red Hat OpenShift Virtualization 4.15.5",
                  "product_id": "T037141-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:virtualization__4.15.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.14.38",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.14.38",
                  "product_id": "T037940"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.14.38",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.14.38",
                  "product_id": "T037940-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.14.38"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "API for Data Protection 1",
                "product": {
                  "name": "Red Hat OpenShift API for Data Protection 1",
                  "product_id": "T039224",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:api_for_data_protection_1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.16.23",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.16.23",
                  "product_id": "T039272"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.16.23",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.16.23",
                  "product_id": "T039272-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.16.23"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.16.24",
                "product": {
                  "name": "Red Hat OpenShift \u003c4.16.24",
                  "product_id": "T039438"
                }
              },
              {
                "category": "product_version",
                "name": "4.16.24",
                "product": {
                  "name": "Red Hat OpenShift 4.16.24",
                  "product_id": "T039438-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:4.16.24"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.18.10",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.18.10",
                  "product_id": "T043077"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.18.10",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.18.10",
                  "product_id": "T043077-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.18.10"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenShift"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-25210",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2019-25210"
    },
    {
      "cve": "CVE-2023-29483",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-29483"
    },
    {
      "cve": "CVE-2023-45142",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-45142"
    },
    {
      "cve": "CVE-2023-45289",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-45289"
    },
    {
      "cve": "CVE-2023-45290",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-45290"
    },
    {
      "cve": "CVE-2023-47108",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-47108"
    },
    {
      "cve": "CVE-2023-48795",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-52425",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2024-0874",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-0874"
    },
    {
      "cve": "CVE-2024-1394",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-1394"
    },
    {
      "cve": "CVE-2024-22189",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-22189"
    },
    {
      "cve": "CVE-2024-2398",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-2398"
    },
    {
      "cve": "CVE-2024-24783",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-24783"
    },
    {
      "cve": "CVE-2024-24784",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-24784"
    },
    {
      "cve": "CVE-2024-24785",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-24785"
    },
    {
      "cve": "CVE-2024-24786",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-24786"
    },
    {
      "cve": "CVE-2024-28110",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-28110"
    },
    {
      "cve": "CVE-2024-28176",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-28176"
    },
    {
      "cve": "CVE-2024-28180",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-28180"
    },
    {
      "cve": "CVE-2024-28757",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-28757"
    },
    {
      "cve": "CVE-2024-28849",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-28849"
    },
    {
      "cve": "CVE-2024-29180",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-29180"
    },
    {
      "cve": "CVE-2024-3177",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-3177"
    },
    {
      "cve": "CVE-2024-3727",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-3727"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-45289 (GCVE-0-2023-45289)

WID-SEC-W-2024-1474

Tags

Sightings

Nomenclature